Request a Demo

07.30.2020 | vulnerabilities

Posted by Yonatan Amitay
TL;DR The BootHole vulnerability is not critical (yet), but it could potentially effect billions of devices worldwide. Exploiting it requires high ...
Read more
Vulcan Cyber Maturity Model Challenges Vulnerability Management Programs to Evolve New Vulcan Cyber eBook provides a blueprint for achieving advanced ...
Read more

07.15.2020 | vulnerabilities , SIGRed

Posted by Yonatan Amitay
What is the SIGRed Vulnerability (CVE-2020-1350)? SIGRed (CVE-2020-1350) is a critical, wormable RCE (remote code execution) vulnerability in the ...
Read more
All aspects of the financial services industry—from banking to securities, and from insurance to pensions—are highly regulated at multiple levels. ...
Read more
Vulcan Cyber Adds Customizable Risk Modeling to its Vulnerability Remediation Platform Vulcan Cyber now offers customizable vulnerability ...
Read more
While vulnerability management isn’t natively mapped to the MITRE ATT&CK framework by default, using cyber knowledge, data science, machine ...
Read more
Posted by Yonatan Amitay
SMBleed (CVE-2020-1206), its relation to SMBGhost and how to fix them The SMBleed vulnerability (CVE-2020-1206) allows an attacker to read ...
Read more
Posted by Roy Horev
The COVID-19 pandemic has created a need for security teams to make sudden adjustments to many of their processes. This article focuses on ...
Read more
The first part of this blog post series, The Three Stages of Enterprise Vulnerability Remediation, described the most serious challenges facing ...
Read more
Posted by Asaf Reshef
Managing your vulnerabilities - from identification and prioritization all the way through to remediation and resolution, is an extremely ...
Read more

05.3.2020 | vulnerability management

Posted by Asaf Reshef
Today's IT environment is markedly different to that of the 90s. While changes to infrastructures and applications have helped us reach new highs, ...
Read more
Posted by Yonatan Amitay
Over the past couple of weeks, we've seen some high profile security threats  that require your immediate attention. In this digest we've rounded ...
Read more
Posted by Asaf Reshef
Now more than ever, budgetary decisions and allocations are critical. When it comes to IT, with each team, department, and business unit convinced ...
Read more
With all the buzz around the latest campaigns and exploits, it might seem hard to know what really demands your attention. That’s why we’ve decided ...
Read more

04.8.2020 | Enterprise Security , VPN

Posted by Yonatan Amitay
The Coronavirus pandemic has drastically changed our reality in a blink of an eye. With WFH and social distancing becoming the new norm. While ...
Read more
A key component of any successful vulnerability remediation strategy, now maybe more than ever, is collaboration. Yet, it often seems to be ...
Read more

04.2.2020 | Patch Managment , Containers , K8s

Posted by Roy Horev
Only unused applications don’t receive updates. Otherwise, there are always more bugs to resolve, new requirements to address, and the latest ...
Read more
Posted by Yonatan Amitay
The past couple of weeks have presented many challenges from a security standpoint. There’s a lot of noise around threat actors, phishing campaigns ...
Read more
Seemingly overnight, the Coronavirus pandemic has made quarantines, travel bans and social distancing the new norm. As companies shift to a remote ...
Read more
Microsoft have accidentally revealed information regarding a security update for a wormable vulnerability SMBGhost (CVE-2020-0796) in the Microsoft ...
Read more
With the ephemeral nature of containers, you might think that patching is far less critical than it really is. But in fact, as with more traditional ...
Read more

03.3.2020 | vulnerabilities , Ghostcat

Posted by Yonatan Amitay
The Apache Tomcat servers that have been released over the last thirteen years are vulnerable to a bug known as “Ghostcat” (CVE-2020-1938) that ...
Read more

02.27.2020 | Regulation

Posted by Roy Horev
The rapid increase in fraud and business interruption caused by cyber attacks is behind the growing focus on security—particularly personal data ...
Read more
Every security manager knows that no matter how comprehensive your vulnerability management processes are, your network’s security depends on ...
Read more

01.30.2020 | RSA , RSA Innovation Sandbox

Posted by Vulcan Cyber
Continuing to rack up accolades for automating the remediation process of vulnerabilities at speed and scale, Vulcan Cyber is named one of the 10 ...
Read more
Alert: There's a new zero-day RCE on Windows Internet Explorer, CVE-2020-0674, with no available patches out there yet. Not only that, as of now ...
Read more
The US Cybersecurity and Infrastructure Security Agency (CISA) had alerted organizations to patch their Pulse Secure VPN servers as a defense against ...
Read more
Improving vulnerability management and remediation processes is a task that requires cybersecurity pros to actively keep up with the latest ...
Read more
Posted by Yaniv Bar-Dayan
With 2019 coming to a close, it’s a great opportunity for reflection. Looking back - what a year this has been! So many milestones and achievements ...
Read more
Posted by Roy Horev
Continuous integration and continuous delivery and/or deployment (CI/CD) has become a staple within the modern software development landscape, and it ...
Read more

12.18.2019 | vulnerabilities

Posted by Tal Morgenstern
As 2019 draws to a close, we want to look back at the year’s biggest security breaches. Some we chose because of the damage they caused, others ...
Read more

12.11.2019 | Windows Patching

Posted by Roy Horev
With new vulnerabilities and threats constantly making headlines, frequent patch releases is a must for operating systems. Keeping software and ...
Read more
The Cybersecurity and Infrastructure Security Agency (CISA) is responsible for building America’s “national capacity to defend against cyber-attacks ...
Read more

11.28.2019 | vulnerability remediation

Posted by Roy Horev
The primary objective of vulnerability remediation is to pre-empt breaches before the vulnerabilities in data, applications, networks, or endpoints ...
Read more
In a previous blog on challenges in today’s security environment, we discussed the shortage of cybersecurity personnel - in the US alone, 3.5 million ...
Read more

11.12.2019 | Patch Managment

Posted by Roy Horev
Patching has become particularly challenging in the new cloud and hybrid-cloud environments— especially across Windows and Linux—despite the many ...
Read more
The 1990s: When Remediation was Simple Back in the 1990s, every company’s network was fairly self-contained, using relatively few third-party ...
Read more

11.3.2019 | Linux , Workarounds

Posted by Navot Yellin
The team responsible for sudo, a popular Linux command-line tool, published a new security alert under CVE-2019-14287. It has a high CVSS score of ...
Read more
New exploit published for a Group Policy vulnerability disclosed back in 2015, allows remote code execution on vulnerable version of Windows. While ...
Read more

10.30.2019 | DevSecOps , Patch Managment

Posted by Roy Horev
With the advent of the cloud computing movement, organizations have been shifting to managed infrastructures to offset IT costs. Yet in a complex and ...
Read more
Posted by Vulcan Cyber
TEL AVIV, Oct. 24, 2019 -- Israeli startup Vulcan Cyber, helping enterprises close the cybersecurity vulnerability remediation gap, has been named a ...
Read more
Malicious breaches are on the rise and they’re getting more expensive, according to a July 2019 IBM report. An average breach now costs $3.92 ...
Read more
With all the vulnerability remediation suites and individual tools on the market, it can be hard to determine which features and components are ...
Read more
The massive “Collection #1” breach of 2019 exposed 772,904,991 unique emails and 21,222,975 unique passwords. The data appears to have been taken ...
Read more
Posted by Yaniv Bar-Dayan
Highlights: Brings total raised in one year to $14 million for expansion of North American operations and R&D  Mark Hatfield, general partner at Ten ...
Read more

06.13.2019 | vulnerabilities , Cybersecurity

Posted by Roy Horev
You might think that the hackers bringing down organizations and infrastructures are government trained, highly advanced coders. The truth is far ...
Read more
By this point, we’re all well aware of the torrents of vulnerabilities out there and the pressure that they impose on CISOs and security teams. ...
Read more

05.29.2019 | AWS Lambda , Linux , Patch Managment

Posted by Roy Horev
Amazon released the EC2 Run Command in 2015 as the first step to extend a bridge back to datacenter, enterprise, and traditional operations ...
Read more

05.23.2019 | vulnerabilities , Pen Testing

Posted by Roy Horev
For an organization to be confident it must have a solid security posture, and for this, regular testing is key. Two types of testing are critical to ...
Read more

05.14.2019 | vulnerabilities

Posted by Roy Horev
In the broadest sense, “Asset Management” means managing the complete life-cycle of every corporate asset, from procurement to safe disposal. ...
Read more

05.7.2019 | vulnerabilities

Posted by Tal Morgenstern
There’s a buzz in the vulnerability management market surrounding solutions to protect against Zero Day vulnerabilities - vulnerabilities that were ...
Read more
The number of vulnerabilities uncovered daily has long exceeded what security teams can possibly address. The key to success in vulnerability ...
Read more

04.23.2019 | Patching , vulnerabilities

Posted by Tal Morgenstern
With over 1,600 new vulnerabilities reported in the first 100 days of 2019, in addition to the 17,308 reported in 2018, it’s clear that vulnerability ...
Read more

04.4.2019 | vulnerability remediation

Posted by Roy Horev
Vulnerability remediation was once considered a straightforward process. Scanning software identified potential vulnerabilities and notified the ...
Read more
Enterprises face new security threats daily. In 2017-18 alone, over 30,000 new vulnerabilities were reported. Trying to adapt to this new reality has ...
Read more
It’s the question that plagues every CISO: “Have I done enough?” First, you’ve convinced your partners in the boardroom that vulnerabilities are a ...
Read more

03.14.2019 | vulnerabilities , Cybersecurity

Posted by Roy Horev
The number of known vulnerabilities has exploded in recent years. With enterprises using more software solutions, open-source, cloud, Internet of ...
Read more
Everyone knows that CISOs are losing sleep over the dangers that vulnerabilities could potentially cause their businesses, and with good reason. But ...
Read more

02.27.2019 | Patching

Posted by Ortal Keizman
So, it’s time to patch again. Kind of like getting your flu shots – you know it’s good for you, but nobody likes doing it. Let’s do a quick analysis ...
Read more
“If it were easy, everyone would do it.” With the never-ending headlines of major breaches caused by vulnerabilities, it’s clear that vulnerability ...
Read more

02.12.2019 | Cybersecurity

Posted by Roy Horev
No matter what IT field you work in, staying on top of the latest technologies and trends is a must, especially in cybersecurity. Just as a good ...
Read more
Security and IT teams are currently fighting a flood of software vulnerabilities. In 2018 alone, a record 16,555 were reported. Of these, thousands ...
Read more
  It's been over a year since the Equifax breach made headline news. But I have the feeling that organizations haven't looked at the Equifax breach ...
Read more

01.23.2019 | Patching

Posted by Roy Horev
  On the surface, patch management sounds like a straightforward task. But patching in a production environment means making a change to potentially ...
Read more
Posted by Natalie Kriheli
For our day to day product deployment, we use docker containers. Whenever a new piece of code is being shipped to production, our CI/CD process ...
Read more
Knowing what NOT to do can sometimes be just as helpful as knowing the right thing to do. Oftentimes, CISOs and Vulnerability Managers have plans and ...
Read more

12.27.2018 | DevSecOps , Cybersecurity

Posted by Roy Horev
DevOps has revolutionized the pace at which new iterations of applications are released to meet the needs of customers. By nature, security teams are ...
Read more

12.20.2018 | vulnerabilities

Posted by Roy Horev
Trends in vulnerabilities and threats evolve as the technology landscape changes. The vulnerability landscape has changed tremendously over the last ...
Read more
By now, everybody knows that vulnerabilities that aren't remediated properly could pose a serious threat to the enterprises environment.The data ...
Read more
With the end of the year, it’s prime time to reflect on vulnerability trends since the start of the decade.
Read more
However you flip the number of recorded vulnerabilities in a given year, the number is at once humbling and noteworthy. We know that both actions – ...
Read more

11.1.2018 | vulnerabilities

Posted by Roy Horev
The best way to share information about the risks associated with vulnerabilities is via quantifying these risks – i.e. metrics. The question is, ...
Read more
A key part of any risk assessment framework, vulnerability intelligence enables organizations to consider the broader picture when assessing a given ...
Read more

10.17.2018 | vulnerabilities

Posted by Roy Horev
  While technology companies aim to ensure that their products are watertight, the fact of the matter is that security vulnerabilities are ...
Read more

10.11.2018 | vulnerabilities

Posted by Roy Horev
The question of remediating every single vulnerability is moot. Given the massive amounts of vulnerabilities being disclosed every month, it’s ...
Read more
  As a CISO or Security Manager, you understand your organization’s need to remain one step ahead of cybercriminals searching for gaps in your ...
Read more

09.26.2018 | Patching

Posted by Tal Morgenstern
  The 15th anniversary of Patch Tuesday is coming up, and now is a good time to rethink how we approach patching as a whole, and how we prepare for ...
Read more
  In its 2018 “Global Risks Report,” the World Economic Forum – a prominent international policy think-tank – ranked cyber threats just below extreme ...
Read more

09.5.2018 | DevSecOps

Posted by Roy Horev
  The demanding speed of today’s development cycles and flexibility of IT infrastructure provides a huge opportunity to move faster not only for the ...
Read more

08.28.2018 | Cybersecurity

Posted by Yaniv Bar-Dayan
   Figuring out the best way to leverage the cyber risk landscape with growing numbers of vulnerabilities every day is a daunting task, to say the ...
Read more

08.21.2018 | DevSecOps

Posted by Roy Horev
  DevOps took the software scene by storm in 2008, with the promise to reduce the time between changing a software system and that change being ...
Read more
  For several months in early 2018, you could not open a browser without seeing news about Spectre and Meltdown – the variants of a vulnerability ...
Read more
  With proper cyber hygiene, you can control IT processes - rather than being controlled by endless (and unhygienic) vulnerabilities.
Read more
Just five years ago, the vulnerability landscape looked markedly different. There were fewer vulnerabilities to patch and risk was far lower - since ...
Read more
  As we discussed in a previous post, a tsunami of known vulnerabilities is flooding businesses worldwide. In fact, the number of vulnerabilities ...
Read more
  With nearly 15,000 new vulnerabilities discovered in 2017, and even more expected this year – the competition for ‘worst vulnerability’ is a tough ...
Read more
  There’s no other way to state it: Existing vulnerability management processes are broken. Current vulnerability management paradigms are not ...
Read more
  According to CVE Details, the number of vulnerabilities reported to date in 2018 (6559) already tops the total number of vulnerabilities reported ...
Read more

06.21.2018 | Drupal , Patching

Posted by Guy Bratman
  On March 27th 2018, the Drupal CMS team announced a massive vulnerability dubbed ‘Drupalgeddon 2’. Accordingly, they recommended that “Drupal site ...
Read more
  “Don’t wake a sleeping lion.” This was the reaction my two co-founders Tal Morgenstern, Roy Horev, and I had gotten over and over again when ...
Read more
pAKMEN1

Don’t miss out on the latest

Stay up to date on the latest in Vulnerability Remediation.
We promise not to spam you