Why fixing every vulnerability is impossible—and unnecessary. Learn how risk-based vulnerability management prioritizes what to patch, what to defer, and why context matters more than CVSS ...

Attention Apache Flink users! The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added an Apache Flink vulnerability to its Known Exploited Vulnerabilities Catalog, highlighting evidence of its active exploitation. Apache Flink ...

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning for organizations nationwide, adding six critical vulnerabilities to its “Known Exploited Vulnerabilities” (KEV) catalog. Six critical vulnerabilities, including flaws in ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a notable update incorporating a high-severity vulnerability in the Service Location Protocol (SLP) into its Known Exploited Vulnerabilities (KEV) catalog. This decision stems ...

Insight #1 Google is now defaulting to the use of passkeys for authentication. This is a huge step in increasing the strength of the authentication mechanism out of the box for users, ...

The Cybersecurity and Infrastructure Security Agency (CISA) this week issued Binding Operational Directive (BOD) 23-01 to improve vulnerability detection and identify weaknesses in federal civilian agencies’ systems and networks. Dubbed “Improving Asset ...

On May 4, 2022, the Cybersecurity & Infrastructure Security Agency (CISA) added five “new” vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalog. Three of the entries were originally disclosed in 2014, including ...