vulnerability management

Energy companies are blind to thousands of exposed services

Energy companies are blind to thousands of exposed services 2025-08-07 at 07:02 By Anamarija Pogorelec Many of America’s largest energy providers are exposed to known and exploitable vulnerabilities, and most security teams may not even see them, according to a new report from SixMap. Researchers assessed the external attack surface of 21 major energy companies, […]

React to this headline:

Loading spinner

Energy companies are blind to thousands of exposed services Read More »

CISOs say they’re prepared, their data says otherwise

CISOs say they’re prepared, their data says otherwise 2025-08-06 at 08:02 By Sinisa Markovic Most security teams believe they can act quickly when a threat emerges. But many don’t trust the very data they rely on to do so, and that’s holding them back. A new Axonius report, based on a survey of 500 U.S.-based

React to this headline:

Loading spinner

CISOs say they’re prepared, their data says otherwise Read More »

Tonic Security Launches With $7 Million in Seed Funding

Tonic Security Launches With $7 Million in Seed Funding 2025-07-30 at 12:03 By Ionut Arghire Tonic Security has emerged from stealth mode to tackle the complexity of exposure and vulnerability management. The post Tonic Security Launches With $7 Million in Seed Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Tonic Security Launches With $7 Million in Seed Funding Read More »

Root Evidence Launches With $12.5 Million in Seed Funding

Root Evidence Launches With $12.5 Million in Seed Funding 2025-07-28 at 15:39 By Ionut Arghire Root Evidence is developing fully integrated vulnerability scanning and attack surface management technology. The post Root Evidence Launches With $12.5 Million in Seed Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Root Evidence Launches With $12.5 Million in Seed Funding Read More »

Why we must go beyond tooling and CVEs to illuminate security blind spots

Why we must go beyond tooling and CVEs to illuminate security blind spots 2025-07-18 at 09:41 By Help Net Security In April, the cybersecurity community held its breath as the Common Vulnerabilities and Exposures (CVE) program was plunged into a moment of existential crisis. In the end, an eleventh-hour reprieve saved the day. While CVEs

React to this headline:

Loading spinner

Why we must go beyond tooling and CVEs to illuminate security blind spots Read More »

Empirical Security Raises $12 Million for AI-Driven Vulnerability Management

Empirical Security Raises $12 Million for AI-Driven Vulnerability Management 2025-07-17 at 16:20 By Ionut Arghire Cybersecurity startup Empirical Security has raised $12 million in seed funding for its vulnerability management platform.  The post Empirical Security Raises $12 Million for AI-Driven Vulnerability Management appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Empirical Security Raises $12 Million for AI-Driven Vulnerability Management Read More »

Exposure management is the answer to: “Am I working on the right things?”

Exposure management is the answer to: “Am I working on the right things?” 2025-07-08 at 09:07 By Mirko Zorz In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain visibility into their attack surface to improve risk assessment

React to this headline:

Loading spinner

Exposure management is the answer to: “Am I working on the right things?” Read More »

Exposed and unaware? Smart buildings need smarter risk controls

Exposed and unaware? Smart buildings need smarter risk controls 2025-07-04 at 08:01 By Help Net Security 75% of organizations have building management systems (BMS) affected by known exploited vulnerabilities (KEVs), according to Claroty. The post Exposed and unaware? Smart buildings need smarter risk controls appeared first on Help Net Security. This article is an excerpt

React to this headline:

Loading spinner

Exposed and unaware? Smart buildings need smarter risk controls Read More »

48% of security pros are falling behind compliance requirements

48% of security pros are falling behind compliance requirements 2025-06-02 at 07:07 By Help Net Security 32% of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations, according to Lineaje. Meanwhile, 68% are more realistic, noting they feel uncertain about achieving this near impossible outcome. Software compliance adoption varies across

React to this headline:

Loading spinner

48% of security pros are falling behind compliance requirements Read More »

NIST proposes new metric to gauge exploited vulnerabilities

NIST proposes new metric to gauge exploited vulnerabilities 2025-05-26 at 08:06 By Help Net Security NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and validate the method. The new metric, “Likely Exploited Vulnerabilities” (LEV), aims to close a

React to this headline:

Loading spinner

NIST proposes new metric to gauge exploited vulnerabilities Read More »

EU Cybersecurity Agency ENISA Launches European Vulnerability Database

EU Cybersecurity Agency ENISA Launches European Vulnerability Database 2025-05-14 at 15:02 By Eduard Kovacs Experts say the European Vulnerability Database, or EUVD, should be a good resource, but only if ENISA manages to maintain it properly. The post EU Cybersecurity Agency ENISA Launches European Vulnerability Database appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

EU Cybersecurity Agency ENISA Launches European Vulnerability Database Read More »

What a future without CVEs means for cyber defense

What a future without CVEs means for cyber defense 2025-05-06 at 11:31 By Help Net Security The importance of the MITRE-run Common Vulnerabilities and Exposures (CVE) Program shouldn’t be understated. For 25 years, it has acted as the point of reference for cybersecurity professionals to understand and mitigate security flaws. By providing a standardized method

React to this headline:

Loading spinner

What a future without CVEs means for cyber defense Read More »

What it really takes to build a resilient cyber program

What it really takes to build a resilient cyber program 2025-05-06 at 08:32 By Mirko Zorz In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up processes, and getting everyone on the same page. Drawing on both

React to this headline:

Loading spinner

What it really takes to build a resilient cyber program Read More »

Review: Effective Vulnerability Management

Review: Effective Vulnerability Management 2025-05-05 at 08:03 By Mirko Zorz Effective Vulnerability Management offers a view of a key part of cybersecurity, showing how practices, tools, and processes can help organizations reduce risk. About the authors Chris Hughes is the President of Aquia, a cybersecurity leader with 20 years of public and private sector experience,

React to this headline:

Loading spinner

Review: Effective Vulnerability Management Read More »

Investing in security? It’s not helping you fix what matters faster

Investing in security? It’s not helping you fix what matters faster 2025-04-29 at 07:30 By Help Net Security Automation and structured collaboration have a strong, positive influence on the efficiency of vulnerability management, according to Seemplicity. However, manual processes, unstructured workflows, and excessive noise from vulnerability scanning tools continue to slow remediation efforts, leading to

React to this headline:

Loading spinner

Investing in security? It’s not helping you fix what matters faster Read More »

Securing digital products under the Cyber Resilience Act

Securing digital products under the Cyber Resilience Act 2025-04-18 at 08:37 By Mirko Zorz In this Help Net Security interview, Dr. Dag Flachet, co-founder at Codific, explains what the Cyber Resilience Act (CRA) means for companies and how it compares to GDPR in terms of regulatory complexity and impact on organizations. He discusses the technical

React to this headline:

Loading spinner

Securing digital products under the Cyber Resilience Act Read More »

Microsoft vulnerabilities: What’s improved, what’s at risk

Microsoft vulnerabilities: What’s improved, what’s at risk 2025-04-17 at 08:02 By Help Net Security Microsoft reported a record 1,360 vulnerabilities in 2024, according to the latest BeyondTrust Microsoft Vulnerabilities Report. The volume marks an 11% increase from the previous record in 2022 and fits within a broader post-pandemic trend: more vulnerabilities, more products, and more

React to this headline:

Loading spinner

Microsoft vulnerabilities: What’s improved, what’s at risk Read More »

Funding uncertainty may spell the end of MITRE’s CVE program

Funding uncertainty may spell the end of MITRE’s CVE program 2025-04-16 at 14:56 By Zeljka Zorz The future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal funding that helps them maintain it. But others have been waiting in

React to this headline:

Loading spinner

Funding uncertainty may spell the end of MITRE’s CVE program Read More »

94% of firms say pentesting is essential, but few are doing it right

94% of firms say pentesting is essential, but few are doing it right 2025-04-15 at 08:05 By Help Net Security Organizations are fixing less than half of all exploitable vulnerabilities, with just 21% of GenAI app flaws being resolved, according to Cobalt. Big firms take longer to fix pentest issues 94% of firms view pentesting

React to this headline:

Loading spinner

94% of firms say pentesting is essential, but few are doing it right Read More »

Only 2-5% of application security alerts require immediate action

Only 2-5% of application security alerts require immediate action 2025-03-31 at 07:51 By Help Net Security The large volume of security alerts, many created by automated tools, is overwhelming security and development teams, according to the 2025 Application Security Benchmark report by Ox Security. The report is based on an analysis of over 101 million

React to this headline:

Loading spinner

Only 2-5% of application security alerts require immediate action Read More »

Scroll to Top