Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

Visualizing Vulnerability Management: What Does a Single Pane of Glass Really Look Like?

Single Pane of Glass (SPOG) is a common buzzword that sends shivers down the spines of technical folks everywhere. Yet, executive teams ask for it, especially in vulnerability management. At the same time, the complex and fragmented nature of modern IT environments wreaks havoc on organizations aiming to understand their current location related to remediating and patching risks. So, what exactly is a single pane of glass, and what does it look like for enterprises today?

Applying Vulnerability Intelligence to CVSS and SSVC Frameworks

In this presentation, we explore the intersection of vulnerability intelligence and prioritization frameworks such as CVSS and SSVC as a means for strategically and rapidly prioritizing vulnerabilities to stay ahead of exploitation risks. We delve into the process of applying real-time threat intelligence tailored to the vulnerability landscape to enhance decision-making, optimize resource allocation, and ensure a precise and proactive defense against cyber threats.

How to Automate and Streamline Vulnerability Management Processes

Scott Kuffer, COO and co-founder of Nucleus Security, and Sonia Blanks, Director of Product Marketing of Nucleus Security, discuss the role of automation in vulnerability management. They emphasize the importance of looking beyond individual parts of the process and instead focusing on automating the entire ecosystem. Scott shares insights on how to streamline the vulnerability management process, including the need for thorough preparation and defining desired outcomes.

How to Operationalize Vulnerability Threat Intelligence

With so many vulnerabilities to address and potential threats looming, how can organizations prioritize and respond effectively? Enter Vulnerability Threat Intelligence (VTI). This knowledge not only aids in pinpointing vulnerabilities but also shapes strategies for risk acceptance and rapid responses to zero-day threats. Join our webinar where Patrick Garrity from Nucleus Security, Caleb Hoch from Google, and Jared Semrau from Mandiant, uncover how to effectively leverage vulnerability threat intelligence (VTI).

Applied Lessons from Product Security Teams in Vulnerability Management | Nucleus Security

Product security and vulnerability management have become critical components of an organization's overall cybersecurity strategy. However, these two teams often face challenges in working together effectively, leading to misalignment and potential security gaps. Patrick Garrity hosted a roundtable discussion with industry experts Matthew Clapham and Scott Kuffer to share applied lessons from product security teams and vulnerability management.

The Rise In Vulnerability Disclosure, Exploitation and Threat Intelligence

Patrick Garrity, Security Researcher at Nucleus Security, discusses the rise of vulnerabilities exploitation and threat intelligence in the field of vulnerability management. He highlights the history of vulnerability management, the increase in vulnerabilities and exploitation, the limitations of the common vulnerability scoring system (CVSS), and the emergence of vulnerability threat intelligence. Patrick also emphasizes the importance of open-source intelligence, such as CISA's Known Exploited Vulnerabilities (KEV) List and the Exploit Prediction Scoring System (EPSS), as well as the value of commercial threat intelligence.

How CISO's Should Approach Security Vulnerability Risk

Patrick Garrity, Security Researcher at Nucleus Security, interviews Aleksandr Yompolski, CEO of Security Scorecard, about the evolving cybersecurity landscape and the role of security ratings and risk assessments. They discuss the challenges organizations face in defending against exploitation attacks, the need for collaboration and communication in the industry, and the importance of balancing security and business agility.

Navigating the Challenges of Enterprise Vulnerability Management

When you’re managing cybersecurity at the enterprise level, it’s crucial to have a full breadth of understanding of the ins-and-outs of your enterprise vulnerability management program — including all of the challenges that come along with it. Only then can you begin to effectively prioritize risks and get ahead of vulnerabilities as quickly as possible. In this webinar, join our panelists of cybersecurity experts as they discuss.

CISA KEV's Known Ransomware Attribution

This past week, Patrick Garrity, Security Researcher at Nucleus, spent a lot of time exploring Cybersecurity and Infrastructure Security Agency's update the Known Exploited Vulnerabilities catalog, which now includes attribution to vulnerabilities associated with ransomware campaigns. In this short video, he explores this new addition and walks through the data visualizations he created to provide broader visibility into this new addition.