How we improved vulnerability prioritization with machine learning
It’s easy to find vulnerabilities. It’s harder to prioritize and fix them. So far in 2024, there has been an average of over 110 CVEs disclosed per day. Compounded with all the vulnerabilities disclosed in the last two decades, security teams are faced with triaging thousands and thousands of vulnerabilities and ... Read More
Overcoming challenges in governing scanner adoption—step by step
IntroductionReady to tackle a challenging topic for DevSecOps and security teams in the application security space? Ready or not—let’s talk about increasing and governing the adoption of scanners.The Application Security ProcessApplication security is a labyrinth with myriad stages and steps as applications are developed internally. Within development processes, there are ... Read More
Cloud-native development – Security challenge or opportunity?
Modern SDLC - Complex but manageableCloud-native development and modern DevOps practices enable faster development cycles, high scalability, and smoother maintenance processes, yet, they also introduce new complexities for security teams. The introduction of IaC and containerized workloads, for example, brought exceptional flexibility and control to development teams and increased software ... Read More
On the criticality of SDLC context for vulnerability remediation
Risk can go undetected when full context of the SDLC is missingRisk to cloud environments originates from multiple possible sources. Managing cloud risk requires a deep understanding of how that risk ends up in the cloud in order to remediate it. For organizations that have internal development teams, a major ... Read More
