Lucene search
K

358 matches found

hivepro
hivepro
added 2025/11/04 7:35 p.m.6 views

What Is Attack Surface Mapping And Why It’s Critical To your Security Program

You might think an attack surface mapper is just another name for a vulnerability scanner, but they serve two very different purposes. A scanner tests the assets you already know about for specific weaknesses. An attack surface mapper answers a more fundamental question: What assets do I even hav...

7.1AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/03 1:36 p.m.50 views

Introducing Wiz ASM: Context-Driven Attack Surface Management

Wiz launches Attack Surface Scanner to bring context, ownership, and prioritization to every exposure, anywhere...

6.9AI score
Exploits0
hivepro
hivepro
added 2025/10/30 3:51 p.m.8 views

5 Best Threat Exposure Management Tools for 2025

A long list of vulnerabilities without context isn't a security strategy—it's just noise. Legacy vulnerability scanners are great at finding potential flaws, but they often fail to answer the most important question: "What should we fix right now?" This is why Threat Exposure Management TEM...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/10/29 12:55 p.m.7 views

Defend Smarter, Not Harder: The Power of Curated Vulnerability Intelligence

Let’s be honest, we as an industry spend far too long responding to issues that simply don’t matter. Chasing down false positives, reviewing threat intelligence reports that bear no relation to our sector, and more recently reviewing vulnerability advisories of systems not deployed within the...

8.6CVSS9.2AI score0.85543EPSS
Exploits0
hivepro
hivepro
added 2025/10/23 7:47 p.m.8 views

Mapping Attack Surface for Enterprises: A 5-Step Guide

An attacker doesn’t see your company the way you do. They don’t see departments, projects, or business units. They see a collection of potential entry points—a web of digital assets they can probe for a single weakness. Their goal is to find the one unlocked door you forgot about. This is why...

6.7AI score
Exploits0
hivepro
hivepro
added 2025/10/20 5:2 p.m.6 views

What Is a Platform for Continuous Exposure Assessment?

You can’t protect what you don’t know you have. In an environment of sprawling cloud instances, remote endpoints, and shadow IT, gaining a complete and accurate picture of your attack surface is a massive challenge. Periodic scans only provide a snapshot in time, missing assets that spin up and...

7AI score
Exploits0
hivepro
hivepro
added 2025/10/17 7:59 p.m.12 views

5 Types of Cybersecurity Assessment Tools Compared

Your organization’s assets are everywhere: on-premise servers, multi-cloud environments, remote endpoints, and countless applications. Trying to secure this sprawling digital footprint with siloed tools gives you a fragmented, incomplete picture of your risk. You might have one tool for cloud...

6.8AI score
Exploits0
Qualys Blog
Qualys Blog
added 2025/10/15 2:15 p.m.8 views

Bringing the Power of Agentic AI for Identity Risk, Adaptive Threat Prioritization, and Exposure Exploitability Validation

Qualys Enterprise TruRisk Management ETM extends the power of risk operations with agentic AI — Introducing ETM Identity, TruLens for industry-based threat prioritization, and TruConfirm exposure exploitability validation to accelerate your remediation. Every year at our yearly conference, now...

6.7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2025/10/15 2:10 p.m.18 views

Introducing TruConfirm for Enterprise TruRisk™ Management: Automated Exposure Validation

Enterprise security leaders and their teams face an impossible challenge: drowning in thousands of critical exposures in an ever-expanding attack surface while simultaneously trying to determine which ones pose a genuine risk of exploitation in their organizational environment. Traditional CVSS...

6.4AI score
Exploits0
hivepro
hivepro
added 2025/10/13 4:17 p.m.6 views

Beyond CVSS: Critical CVE Vulnerabilities Analysis

Attackers don't care about your CVSS scores. They care about finding a path into your network. That path might not be a single, glaring "critical" vulnerability. Often, it’s a chain of lower-severity weaknesses on overlooked assets that, when combined, give them the keys to the kingdom. This is w...

7.1AI score
Exploits0
hivepro
hivepro
added 2025/10/13 3:16 p.m.4 views

CISA Known Exploited Vulnerabilities May 2025: A Guide

Your vulnerability management backlog is probably overflowing. With thousands of new CVEs disclosed every year, it’s impossible to patch everything, and trying to do so leads to burnout and wasted effort. The CISA KEV catalog is the answer to this overwhelming noise. It’s not just another list of...

6.3AI score
Exploits0
hivepro
hivepro
added 2025/10/09 2:26 p.m.4 views

The Difference Between Vulnerability and Exposure Management Explained

To build a truly effective defense, you have to learn to see your organization through an attacker's eyes. Attackers don't care about your internal vulnerability scan reports or how many patches you applied last week. They look for one thing: an open door. They search for an accessible pathway th...

7.1AI score
Exploits0
hivepro
hivepro
added 2025/10/09 2:0 p.m.5 views

Houston CISO Meetup: The Strategic Shift from Mass Vulnerability Scanning to Proactive Exposure Reduction

Key takeaways from a CISO dinner with Al Lindseth and Hive Pro's Critt Golden. If you were one of the many CISO’s, CIO’s or cybersecurity leaders who joined our Threat Exposure Management dinner at Del Frisco’s Steak House in Houston yesterday, thank you for joining an oversold event! If you didn...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/09 1:48 p.m.5 views

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. "The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/05 12:0 a.m.6 views

Selecting Cybersecurity Requirements: Effects of LLM Use and Professional Software Development Experience

This study investigates how access to Large Language Models LLMs and varying levels of professional software development experience affect the prioritization of cybersecurity requirements for web applications. Twenty-three postgraduate students participated in a research study to prioritize...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2025-25233

Malicious code in bioql PyPI...

5.3CVSS6.2AI score0.00255EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/10/01 12:0 a.m.7 views

POLAR: Automating Cyber Threat Prioritization through LLM-Powered Assessment

Large Language Models LLMs are intensively used to assist security analysts in counteracting the rapid exploitation of cyber threats, wherein LLMs offer cyber threat intelligence CTI to support vulnerability assessment and incident response. While recent work has shown that LLMs can support a wid...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/25 11:49 a.m.3 views

CTEM's Core: Prioritization and Validation

Despite a coordinated investment of time, effort, planning, and resources, even the most up-to-date cybersecurity systems continue to fail. Every day. Why? It's not because security teams can't see enough. Quite the contrary. Every security tool spits out thousands of findings. Patch this. Block...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/22 12:0 a.m.6 views

AEAS: Actionable Exploit Assessment System

Security practitioners face growing challenges in exploit assessment, as public vulnerability repositories are increasingly populated with inconsistent and low-quality exploit artifacts. Existing scoring systems, such as CVSS and EPSS, offer limited support for this task. They either rely on...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.6 views

MalEval Android Malware Evaluation Framework

This repository contains the source code of MalEval, an evaluation framework for Android malware behavior auditing, focusing on explaining and substantiating malicious behaviors. The framework provides expert-verified reports, curated metadata, and model outputs to enable reproducible evaluation ...

7AI score
Exploits0
Rows per page
Query Builder