An Automated Framework for Cybersecurity Policy Compliance Assessment against Security Control Standards

Organizational cybersecurity policies are often examined to determine whether they adequately comply standard security controls. This task is difficult because control statements are abstract, whereas policy documents describe governance practices in varied natural language. As a result,...

SOCpilot: Verifying Policy Compliance for LLM-Assisted Incident Response

Security operations centers SOCs are beginning to use large language models LLMs as copilots to draft incident-response plans. These plans may include actions that are valid per the catalog but still violate mandatory steps, required ordering, or approval gates before analyst review. SOCpilot mak...

Optimizing Agent Planning for Security and Autonomy

Indirect prompt injection attacks threaten AI agents that execute consequential actions, motivating deterministic system-level defenses. Such defenses can provably block unsafe actions by enforcing confidentiality and integrity policies, but currently appear costly: they reduce task completion...

IRSDA: An Agent-Orchestrated Framework for Enterprise Intrusion Response

Modern enterprise systems face escalating cyber threats that are increasingly dynamic, distributed, and multi-stage in nature. Traditional intrusion detection and response systems often rely on static rules and manual workflows, which limit their ability to respond with the speed and precision...

EUVD-1999-1128

Malware in sbrugna...

EUVD-2009-0346

Malware in sbrugna...

5 Critical Questions For Adopting an AI Security Solution

In the era of rapidly advancing artificial intelligence AI and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory compliance. Among these measures, AI-SPM AI Security Posture Management solutions have gained traction t...

EUVD-2024-0424

Malicious code in bioql PyPI...

EUVD-2024-16107

Malicious code in bioql PyPI...

Metaverse Security and Privacy Research: a Systematic Review

The rapid growth of metaverse technologies, including virtual worlds, augmented reality, and lifelogging, has accelerated their adoption across diverse domains. This rise exposes users to significant new security and privacy challenges due to sociotechnical complexity, pervasive connectivity, and...

On Automating Security Policies with Contemporary LLMs

The complexity of modern computing environments and the growing sophistication of cyber threats necessitate a more robust, adaptive, and automated approach to security enforcement. In this paper, we present a framework leveraging large language models LLMs for automating attack mitigation policy...

Ensure That Partitions without Executable Files Are Mounted Using noexec

A data drive only stores data generated during service running. No command is executed in the data drive. Therefore, you can mount the drive or partition using noexec to improve security and reduce the attack surface. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be...

Log Spoofing Source Routing and Redirect Packets

Logging spoofing, source routing, and redirect packets sent to the system helps discover attack sources and formulate protection measures. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Ensure That Partitions That Do Not Need to Be Modified Are Mounted as Read-Only

Mounting a file system that does not need to be modified as read-only can prevent unintentional or malicious data tampering and reduce the attack surface. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Do Not Install Network Sniffing Tools

If network sniffing tools exist in the production environment, attackers may use them for network analysis and attacks. Therefore, in the production environment, do not install network sniffing, packet capturing, or analysis tools, such as tcpdump, Ethereal, and Wireshark. SPDX-FileCopyrightText:...

How Qualys Policy Compliance Helps You Adopt NIST AI RMF 1.0

Artificial Intelligence AI technologies are reshaping industries at an unprecedented pace. But while these technologies present incredible opportunities for innovation, they also pose unique risks. AI systems are no longer just futuristic concepts; they are actively influencing business decisions...

Debian dla-3961 : gir1.2-javascriptcoregtk-4.0 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3961 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3961-1 [email protected]...

The Spanish National Security Framework (ENS) is Now Part of the Qualys Enterprise TruRisk™ Platform

The Spanish National Security Framework ENS, regulated by Royal Decree 311/2022 , is a mandatory framework designed to ensure an optimal level of security for the digital infrastructure of companies in the Spanish public sector and critical infrastructures. Its main objective is to establish a...

Enhance Your Cybersecurity Posture: Qualys Tackles CISA & NSA’s Top 10 Misconfigurations

The National Security Agency NSA alongside the Cybersecurity and Infrastructure Security Agency CISA have pinpointed the most critical misconfigurations that present substantial dangers to organizations. In particular, the advisory calls out the tactics, techniques, and procedures TTPs actors use...

Assess, Remediate, and Prevent the Top 10 MITRE ATT&CK Techniques for Ransomware, Mapped to Misconfigurations

In cybersecurity, the battle against ransomware is a pivotal challenge for organizations worldwide. Attackers are consistently refining their methods, highlighting the critical need for businesses to remain proactive in their defense strategies. To effectively address this threat, it is essential...