Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The security industry has reached a turning point with AI. It’s no longer just hype, as AI has now become a critical part of day-to-day cybersecurity operations. According to The Rise of AI-Powered Vulnerability Management, the latest report from Seemplicity and Dark Reading, 86% of security teams now use some form of AI in their security stack. More than half of respondents say AI is already crucial to their work.

The regreSSHion vulnerability generated a lot of buzz and attention in mid-2024 that has since faded away. That’s in part because there’s no evidence that it was ever exploited. But, I argue it’s simply too dangerous not to patch, and that your vulnerability program needs to be flexible enough so that you can escalate exceptional cases like regreSSHion.

In December 2024, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI) and International Partners published a guide for “protecting communications infrastructure” in response to the discovery that a stealthy Chinese government threat actor, Salt Typhoon, had infiltrated a number of US telecommunications firms.