We’ve all seen it happen: you create a solid remediation plan, map out the misconfigurations and vulnerabilities, and develop a plan to fix them, but when it comes time to execute, things start to fall apart. Why do remediation plans fail even when they seem solid on paper? The truth is, it’s often not the plan itself, but how it’s executed. Let’s break down the common obstacles that cause remediation efforts to go wrong and what you can do to avoid them.

Earlier this year, we launched a new Domains page to give you more powerful and flexible attack surface insights. When the recent CUPS vulnerability hit the news, our new page quickly allowed users to create a policy to detect potential threats on port 631—something that wasn’t possible before. Since then, we’ve rolled out dozens of improvements to help security teams like yours feel more confident in managing their ever-changing attack surface.

Whether you’re the CISO or part of the incident response team, it’s likely you have heard of exposure management (EM). Introduced by Gartner in 2022 as the evolution of vulnerability management (VM), the name “exposure management” was adopted by vendors faster than you can say “next gen” or “AI-powered”. Unfortunately for consumers the hype added more confusion than clarity. This blog is a chance to reset expectations.

Passkeys are superior to passwords in almost every way. They’re simpler to use because there’s nothing to memorize, type out, or paste in. They’re also always strong and come with multi-factor authentication built right in. In short, passkeys are awesome.

Migrating virtual machines (VMs) from VMware to next-generation open infrastructure platforms like KubeVirt and OpenShift Virtualization carries some VM migration risks that can impact business operations if not managed properly. One of the key challenges is compatibility, as the architecture, configurations, and dependencies of VMs in VMware may not seamlessly translate to new environments, leading to issues with performance, application functionality, or even failed migrations. Process risks include.

Depending on who you ask, between 70 and 90 percent of cyber risk has human error as the root cause. That's why Human Risk Management (HRM) is so important. And here is the next major advance in HRM. We're thrilled to announce the second version of our risk score architecture. It is so far advanced we have renamed—promoted really—our initial "Virtual Risk Officer" to SmartRisk Agent.

A partnering of European and Latin American law enforcement agencies took down the group behind the mobile phone credential theft of 483,000 victims. Someone steals a physical mobile phone and they need to unlock it. But to do so, you need the Apple ID or Google account of the phone’s owner. So, where do you go? Well, it used to be iServer – an automated phishing-as-a-service platform that could harvest credentials to unlock the stolen phones.