Detecting Data Exfiltration through I2P Anonymity Networks: A Two-Phase Machine Learning Approach

The Invisible Internet Project I2P provides strong anonymity through garlic routing and distributed network architecture, making it attractive for legitimate privacy needs. Nevertheless, the same properties can be exploited by malicious actors to steal sensitive information from corporate network...

What is CTEM? A Modern Approach to Cyber Risk

To effectively defend your organization, you need to think like an attacker. Attackers don’t care about a vulnerability’s CVSS score; they care about whether they can exploit it to reach a valuable target. Traditional security often misses this crucial context, leaving you to guess which of the...

6 Best Exposure Management Cybersecurity Platforms

How do you know if your security controls will actually stop an attack? You can have the best firewalls and endpoint protection on the market, but misconfigurations or undiscovered assets can render them useless. This is the fundamental question that traditional vulnerability management can't...

6 Best Enterprise Security Platforms for 2026

If your security stack feels like a cluttered garage full of single-purpose tools, you’re not alone. You have one tool for endpoints, another for the network, and a few more for the cloud—none of which communicate effectively. This patchwork approach creates dangerous blind spots and buries your...

Network-Vuln

🔍 Network Vulnerability Scanner !Pythonhttps://img.shiel...

6 Best CTEM Vendors: A Head-to-Head Comparison

Your team just ran a vulnerability scan and now you’re staring at a list of thousands of CVEs. The big question is, what do you fix first? Relying on CVSS scores alone doesn’t tell you which of these vulnerabilities are actually exploitable in your environment or which ones protect your most...

Bringing the Power of Agentic AI for Identity Risk, Adaptive Threat Prioritization, and Exposure Exploitability Validation

Qualys Enterprise TruRisk Management ETM extends the power of risk operations with agentic AI — Introducing ETM Identity, TruLens for industry-based threat prioritization, and TruConfirm exposure exploitability validation to accelerate your remediation. Every year at our yearly conference, now...

POLAR: Automating Cyber Threat Prioritization through LLM-Powered Assessment

Large Language Models LLMs are intensively used to assist security analysts in counteracting the rapid exploitation of cyber threats, wherein LLMs offer cyber threat intelligence CTI to support vulnerability assessment and incident response. While recent work has shown that LLMs can support a wid...

Unleashing Agentic AI for Superior Threat-Informed Risk Prioritization with Agent Nyra

The cybersecurity landscape evolves relentlessly, with new adversaries and threats emerging daily. For organizations navigating these challenges, reactive responses are no longer enough. It’s about moving from complex, disconnected data streams to proactive, autonomous solutions with actionable...

From Exposure Whack-a-Mole to Autonomous Cyber Risk Management: Meet Agentic AI on the Qualys Platform

Cyber threats are increasing in both volume and sophistication, while the enterprise attack surface continues to expand. This puts immense pressure on security teams, who are already overwhelmed by tool sprawl and a flood of disconnected findings—often lacking the context needed to prioritize bas...

The 0.6% That Actually Matters

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! Your security team is drowning in...

Vulnerability Management Chaining: an Integrated Framework for Efficient Cybersecurity Risk Prioritization

Cybersecurity teams face an overwhelming vulnerability crisis: with 25,000+ new CVEs disclosed annually, traditional CVSS-based prioritization requires addressing 60% of all vulnerabilities while correctly identifying only 20% of those actually exploited. We propose Vulnerability Management...

What Is Attack Surface Management?

Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what's exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and...

Unraveling Real-Life Attack Paths – Key Lessons Learned

In the ever-evolving landscape of cybersecurity, attackers are always searching for vulnerabilities and exploits within organizational environments. They don't just target single weaknesses; they're on the hunt for combinations of exposures and attack methods that can lead them to their desired...

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections

Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...

Introducing Qualys Context XDR: the Difference between Chaos & Clarity

In my role as a product leader, I have the pleasure of meeting security practitioners from organizations big and small, across multiple industry segments and geographies. No matter how large or small their budget or staff is, how much they’ve invested in their tech stack or how much experience th...

Automatically Discover, Prioritize and Remediate Windows DNS Vulnerability (SigRed – CVE-2020-1350) Using Qualys VMDR®

On July 14, 2020, Microsoft issued a new security advisory on Microsoft Windows Patch Day – addressing CVE-2020-1350, also known as SigRed – a remote code execution vulnerability in Windows Domain Name System DNS servers. The security issue has received a critical severity rating score of 10.0...

Automatically Discover, Prioritize and Remediate Windows Adobe Type Manager Library Remote Code Execution Vulnerability (ADV200006) using Qualys VMDR®

On March 23, Microsoft released zero day advisory ADV200006 to address two critical remote code execution vulnerabilities in Adobe Type Manager Library that affects multiple versions of Windows and Windows Server. The vulnerabilities exist within the way that Windows parses OpenType fonts. For...

Verizon’s DBIR Highlights Key Drivers of Security Risk

It’s that time of the year when Verizon updates us on the latest trends in the global threat landscape with its Data Breach Investigations Report DBIR. The findings in this year’s report are based on data provided by more than 70 sources including Qualys about more than 41,000 security incidents,...

GDPR Is Here: Manage Vulnerabilities and Prioritize Threat Remediation

To provide the level of data protection required by the EU’s General Data Protection Regulation GDPR, your organization must continuously detect vulnerabilities, and prioritize their remediation. Why? An InfoSec team that’s chronically overwhelmed by its IT environment’s vulnerabilities and unabl...