Security Insights
Deep dives, expert analysis, and practical guidance on exposure management, adversarial validation, and the future of AI-driven security operations.
Top 5 Vulnerabilities for March 2024: A Closer Look at the XZ Utils Supply Chain Attack
March may have roared in like a lion, but for cybersecurity professionals, it was more like a backdoor sneaking into a critical utility. This month, we've seen some serious contenders, but one in particular has sent shockwaves through the open-source software (OSS) community: CVE-2024-3094, a sneaky
Why Ignoring Vulnerability Prioritization is a CISO's Worst Nightmare?
As a CISO, you're constantly bombarded with security threats, vulnerabilities, and a never-ending to-do list. But amidst the chaos, one crucial task often gets pushed aside: vulnerability prioritization. This might seem like a harmless oversight, but ignoring it can be your worst nightmare. Here's w
February 2024 Top CVEs and Vulnerabilities Report
In February, hearts weren't the only things feeling vulnerable. The cyber arena saw a variety of critical exposures across multiple platforms and applications. While patching might not be as romantic as chocolates or roses, organizations and individuals alike must stay protected. Here, we highlight
What is Software Bill of Materials (SBOMs)?
Software Bill of Materials (SBOMs) is rapidly emerging as a cornerstone for robust software supply chain security. Functioning as a comprehensive inventory of all software components, dependencies, and associated metadata, SBOMs empower organizations to gain unparalleled transparency into the intric
RBVM Customized Dashboards: CFO Template
In the high-stakes arena of finance and cybersecurity, clarity is critical. Every data point holds the potential to shape your company's destiny. But raw numbers alone tell only half the story. Introducing Strobes next-generation CFO Dashboards for Risk-Based Vulnerability Management, where data tra
January 2024 Top CVE and Vulnerabilities Report
2024 is off to a crazy start in the cybersecurity world! Acquisitions are happening left, right, and center, and new cyber threats are emerging like weeds after a rainstorm. But fear not, security warriors! We're here to dish on the hottest vulnerabilities that have popped up this January, the kind
Difference in Traditional Vulnerability Management vs. Risk based Vulnerability Management
The key difference between risk based vulnerability management (RBVM) and traditional vulnerability management lies in prioritization. While both are concerned with identifying and addressing vulnerabilities, they take different approaches to deciding which vulnerabilities to tackle first. Risk Base
New Feature: Grouping Vulnerabilities To Streamline Patch Management
As someone who's been neck-deep in the world of cybersecurity for years, I've seen my fair share of "innovative" features come and go. Most don't fundamentally shift how we do things; they're just incremental improvements. However, every now and then, something comes along that really changes the ga
Understanding GitLab's Critical Security Release: CVE-2023-5009
Overview of the Vulnerability GitLab's recent critical security release addresses a vulnerability identified as CVE-2023-5009. This vulnerability, with a CVSS score of 9.6, posed a significant risk, particularly in the pipeline execution processes of GitLab's software. It affected versions before 16
Vulnerability Management without auto-deduplication is inefficient
One of the significant challenges for organizations is timely remediation of identified vulnerabilities. 60% of breaches today involve vulnerabilities for which a patch exists but is not applied. Out of the approx. 11,000 known and exploitable vulnerabilities, some situations wherein patches are ava
Solving the Biggest Vulnerability Management Challenges with Strobes
With the changing digital landscape and multi-year ongoing transformational initiatives across industries, cyber threats are rising. These threats are a byproduct of continuous changes to the IT ecosystem expanding the attack surface management and amplifying vulnerability management challenges due
Uncovering the Limitations of Vulnerability Scanners
Why your organization needs more than just a scanner to stay secure? Vulnerability scanners are one of the most widely used tools to detect and assess an organization’s vulnerabilities. They are, usually automated tools that scan for known vulnerabilities in networks, web applications, infrastructur