Announcing TruRisk™ 2.0: Unleashing Next-Level Precision in Cyber Risk Management

In cybersecurity, quantifying risk with precision is essential for robust security posture management. At Qualys, we continuously refine our methodologies to meet and exceed the evolving demands of vulnerability management and risk management. In October 2024, the launch of Qualys Enterprise...

Updates to Layered Context Enable Teams to Quickly Understand Which Risk Signals Are Most Pressing

Layered Context introduced a consolidated view of all security risks insightCloudSec collects from the various layers of a cloud environment. This enabled our customers to go from visibility into individual security risks on a resource, to understanding all of the risks that impacted that resourc...

OWASP API Security Top-10 for 2023 Risk Ratings

As you know by now, the final version of the OWASP API Security Top-10 2023 has been released. At first blush, the final 2023 release seems to retain most of the changes in category naming, language and intent from the 2019 edition which we saw in the RC version. In this post, we are going to...

Prioritize Remediation with a Perceived-Risk Approach to Strengthen CyberSecurity Effectiveness

Minimizing Time To Remediate TTR is becoming one of the key metrics of security program effectiveness. This holistic measure represents many capabilities and is a good validation of your risk mitigation capacity because it captures how quickly you can respond to the most critical vulnerabilities...

Easy Breadcrumb - Critical - Cross Site Scripting - SA-CONTRIB-2019-053

This module enables you to use the current URL path alias and the current page's title to automatically extract the breadcrumb's segments and its respective links then show them as breadcrumbs on your website. The module doesn't sufficiently sanitise user input in certain circumstances. This...