asset inventory
Advisories Are Now Exploit Specs. Act Accordingly.Â
The zero-day-to-n-day collapse is no longer theoretical, as demonstrated by CVE-2026-39987 in Marimo, which saw initial exploitation occur just nine hours and 41 minutes after disclosure without a public proof-of-concept. The real ...
The Path to Clarity and Control with A Cyber Risk Assessment
The attack surface is constantly shifting—new assets, cloud services & workloads, APIs, and microservices emerge almost daily while legacy systems are retired and, hopefully, taken offline. This relentless pace creates a complex ...
CAASM: Dead-End Approach or Worthwhile Journey?
Cyber Asset Attack Surface Management (CAASM) is focused on enabling security teams to overcome asset visibility. Asset visibility is foundational to security programs — knowing what assets exist in their environment and ...
NetworkMiner 2.9 Released
NetworkMiner 2.9 brings several new and improved features to help analysts make sense of network traffic from malware, criminals and industrial control systems. Highlights from this new version include: TZSP supportStealC extractorImproved ...
Balbix Guide to XZ Utils Backdoor
Executive Summary On March 29, 2024, developer Andres Freund reported the discovery of a backdoor in XZ Utils, affecting v5.6.0 and 5.6.1. XZ Utils, which provides compression tools for the .xz format, ...
Understanding Your Attack Surface: AI or bust
Creating an accurate inventory of an organization’s assets and applications while ensuring no duplicates or omissions is essential for any IT and security program. Security teams must understand vulnerabilities associated with their ...
What is a Shadow API? Understanding the risks and strategies to prevent their sprawl
Understand main Shadow API risks, and discover powerful strategies to curb Shadow API sprawl effectively ...
How Balbix Ensures Your Asset Inventory is Accurate and Complete
No Aggregation = Aggravation Having a broad range of security tools is necessary to ensure a strong security posture. Any good security strategy will have a diverse set of tools providing a ...
CISA Directs Federal Agencies to Boost System Visibility
The Cybersecurity and Infrastructure Security Agency (CISA) this week issued Binding Operational Directive (BOD) 23-01 to improve vulnerability detection and identify weaknesses in federal civilian agencies’ systems and networks. Dubbed “Improving Asset ...
The Reason You Need to Have Complete Visibility of all Your Assets and Security Controls
Putting together a jigsaw puzzle is a great way to spend the weekend. Looking at that complete picture in the end is a great feeling. But imagine getting to the end of ...
