Michael Greenberg

VERITI

Explore how seamless integration, automation, and collaboration drive effective vulnerability remediation to protect your organization in real-time. The post Mobilize Like Your Organization Depended On It  appeared first on VERITI ... Read More

Introduction  Identifying vulnerabilities is just the first step in exposure management. The real challenge lies in determining which ones matter most and addressing them without wasting resources or disrupting operations. With cyber threats becoming more sophisticated and pervasive, the ability to prioritize exposures effectively is crucial.  In this second blog ... Read More

Introduction  Without an accurate understanding of vulnerabilities, misconfigurations, and exposures, the journey toward reducing risk and maintaining a resilient infrastructure cannot begin. Effective assessment means more than just running periodic scans or generating a list of vulnerabilities. It requires a comprehensive, real-time understanding of the configurations, tools, and attack surfaces ... Read More

One of the biggest dilemmas for security teams is when to patch vulnerabilities. This is a classic “Patch-22” situation—patching immediately can be time-consuming and disruptive, but waiting leaves your organization exposed to cyber threats. It’s a tough balancing act between fixing vulnerabilities and maintaining business continuity.  With cyberattacks evolving and ... Read More

Organizations are constantly faced with the challenge of addressing vulnerabilities and threats to maintain a secure environment. Two common strategies to aide in this are remediation and mitigation, both of which aim to reduce risk but with different approaches and timelines. Understanding the distinction between these strategies—and knowing when to ... Read More

False positives are one of the most significant yet often overlooked challenges. When a security alert signals a potential threat that turns out to be benign, security teams are left scrambling to investigate a non-issue. While it may seem like a minor inconvenience, the cumulative effect of false positives can ... Read More

The sheer volume of vulnerabilities discovered each year—combined with limited time and resources—demands a more sophisticated strategy for prioritization. While the Common Vulnerability Scoring System (CVSS) has long been the industry standard for assessing the severity of vulnerabilities, it has significant limitations that can leave organizations exposed.  Limitations of the ... Read More

It’s often been said that fighting cyber threats is like playing a never-ending game of whack-a-mole. Just when you think you’ve dealt with one problem, another pops up, demanding immediate attention. For many organizations, this reactive approach has been the default, but it’s no longer enough in today’s complex threat ... Read More

Organizations face an overwhelming number of vulnerabilities and threats. The traditional approach has been to prioritize exposures—identifying and addressing the most critical vulnerabilities first. However, this method, while logical on the surface, has significant limitations. At Veriti, we advocate for a different strategy: prioritizing actions. By focusing on remediations rather than ... Read More

Introduction: MITRE ATT&CK stands as a cornerstone for understanding adversary tactics and techniques based on real-world observations. For SOC teams, it serves as a map to navigate the landscape of cyber threats, detailing the configurations, compensating controls, and vulnerabilities typical of various attack scenarios. This granular visibility empowers SOCs to prepare more ... Read More