Security Insights
Deep dives, expert analysis, and practical guidance on exposure management, adversarial validation, and the future of AI-driven exposure management.

February 2024 Top CVEs and Vulnerabilities Report
In February, hearts weren't the only things feeling vulnerable. The cyber arena saw a variety of critical exposures across multiple platforms and applications. While patching might not be as romantic as chocolates or roses, organizations and individuals alike must stay protected. Here, we highlight

Bridging the Gap: Connecting Cybersecurity Spending to Business Results
Cybersecurity is no longer an optional expense; it's a strategic investment for businesses of all sizes. But securing budget approval for cybersecurity investments can be a hurdle, especially when justifying the return on investment (ROI). This blog tackles this challenge head-on, providing practica

What is Software Bill of Materials (SBOMs)?
Software Bill of Materials (SBOMs) is rapidly emerging as a cornerstone for robust software supply chain security. Functioning as a comprehensive inventory of all software components, dependencies, and associated metadata, SBOMs empower organizations to gain unparalleled transparency into the intric

How to Check for Subdomain Takeover: A Step-by-Step Guide
Subdomain takeovers pose a serious risk to businesses, as websites are the cornerstone of their online identity, driving brand awareness, customer engagement, and revenue. But what if, unknowingly, you've created a vulnerability that could expose your entire digital presence to attackers? Understand

RBVM Customized Dashboards: CFO Template
In the high-stakes arena of finance and cybersecurity, clarity is critical. Every data point holds the potential to shape your company's destiny. But raw numbers alone tell only half the story. Introducing Strobes next-generation CFO Dashboards for Risk-Based Vulnerability Management, where data tra

January 2024 Top CVE and Vulnerabilities Report
2024 is off to a crazy start in the cybersecurity world! Acquisitions are happening left, right, and center, and new cyber threats are emerging like weeds after a rainstorm. But fear not, security warriors! We're here to dish on the hottest vulnerabilities that have popped up this January, the kind

Difference in Traditional Vulnerability Management vs. Risk based Vulnerability Management
The key difference between risk-based vulnerability management (RBVM) and traditional vulnerability management lies in prioritization. While both are concerned with identifying and addressing vulnerabilities, they take different approaches to deciding which vulnerabilities to tackle first. Risk Base

New Feature: Grouping Vulnerabilities To Streamline Patch Management
As someone who's been neck-deep in the world of cybersecurity for years, I've seen my fair share of "innovative" features come and go. Most don't fundamentally shift how we do things; they're just incremental improvements. However, every now and then, something comes along that really changes the ga

Offensive Security 101: Everything You Need to Know
For most, the term "offensive" evokes images of aggression and harm. But in cybersecurity, offensive security takes on a whole new meaning: proactive, strategic, and ultimately, robust security. That's the essence of offensive security, a practice that's rapidly evolving from a niche expertise to a

Understanding GitLab's Critical Security Release: CVE-2023-5009
Overview of the Vulnerability: GitLab's recent critical security release addresses a vulnerability identified as CVE-2023-5009. This vulnerability, with a CVSS score of 9.6, posed a significant risk, particularly in the pipeline execution processes of GitLab's software. It affected versions before 16

Use Case: Rapid Identification and Escalation of a Critical Threat by Strobes ASM
Introduction: In a recent critical incident, Strobes ASM, an attack surface management platform, played a key role in identifying and mitigating a severe threat in a custom-made WordPress application. The application was designed to require authentication for access, but due to a misconfiguration in

Strobes Custom Dashboards: Redefining Risk-Based Vulnerability Management
Say goodbye to generic dashboards and hello to customized vulnerability insights! Strobes' new custom vulnerability management dashboard feature injects a potent dose of personalization into your RBVM strategy. Let’s dive into the nitty-gritty of this feature and uncover how it revolutionizes the wa