vulnerability management
Defenders must adapt to shrinking exploitation timelines
A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 …
Strengthening Kubernetes security posture with these essential steps
In this Help Net Security interview, Paolo Mainardi, CTO at SparkFabrik, discusses comprehensive strategies to secure Kubernetes environments from development through …
EU adopts Cyber Resilience Act to secure connected products
The EU Council has adopted the Cyber Resilience Act (CRA), a new law that aims to make consumer products with digital components safe(r) to use. CRA requirements The CRA …
Best practices for implementing threat exposure management, reducing cyber risk exposure
In this Help Net Security interview, Sanaz Yashar, CEO at Zafran, discusses the role of threat exposure management (TEM) in modern cybersecurity strategies. As traditional …
Detecting vulnerable code in software dependencies is more complex than it seems
In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within …
Trends and dangers in open-source software dependencies
A C-suite perspective on potential vulnerabilities within open-source dependencies or software packages reveals that, while remediation costs for dependency risks are …
Managing low-code/no-code security risks
Continuous threat exposure management (CTEM) – a concept introduced by Gartner – monitors cybersecurity threats continuously rather than intermittently. This …
Vulnerability prioritization is only the beginning
To date, most technology solutions focused on vulnerability management have focused on the prioritization of risks. That usually took the shape of some risk-ranking structure …
How network segmentation can strengthen visibility in OT networks
What role does the firewall play in the protection of operational technology (OT) networks and systems? Many would say that it’s the defensive mechanism to protect that …
Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise
Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every …
Cloud security threats CISOs need to know about
In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. These …
AI accelerates code development faster than security teams can keep up
91% of respondents say their security budget is increasing this year, demonstrating a growing recognition of the importance of cybersecurity within organizations, according to …
Featured news
Resources
Don't miss
- Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
- Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
- Deepfake detection is losing ground to generative models
- Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)
- Vector embedding security gap exposes enterprise AI pipelines