Tag: vulnerability management
Patch or Perish: The Brutal Truth About Vulnerability Management in 2025
Samuel Ogbonna | | Active Risk AI, AI-powered VM, attack surface management, breach costs, Cisco VM, continuous monitoring, CVEs 2025, cybersecurity best practices, delayed patching, exploit prediction, IBM data breach report, Kenna Security, machine learning risk scoring, patch management, predictive prioritization, Rapid7, remediation automation, risk-based prioritization, Tenable, threat-aware prioritization, unpatched vulnerabilities, Vulcan Cyber, vulnerability management, vulnerability scanningVulnerability management in 2025 is overwhelmed by escalating CVEs and costly breaches; organizations must shift from slow, manual patching to continuous, risk-based, AI-powered remediation to stay secure ...
Patch Management is Essential for Securing DevOps
Alexander Williams | | automated patching, automated rollbacks, canary deployments, CI gating, CI/CD pipelines, cloud-native security, continuous delivery security, CVE scanning, devops best practices, devops security, devsecops, feature flags, mean time to patch (MTTP), observability in devops, patch automation tools, patch management, runtime mitigation, SBoM, security automation, software bill of materials, software vulnerabilities, supply chain security, vulnerability discovery, vulnerability management, zero-day defense, zero-day exploitsZero-day exploits don’t wait for anyone and are one of the main reasons why the cybersecurity market will be worth a whopping $256 billion worldwide. In the current threat landscape, attackers weaponize ...
The Silent Technical Debt: Why Manual Remediation Is Costing You More Than You Think
Bob Shaker | | ActiveState report, continuous remediation, cybersecurity efficiency, Dependency Management, developer productivity, devsecops, engineering performance, innovation tax, intelligent remediation, KubeCon 2025, manual remediation, Mean Time to Remediate, mttr, open source security, remediation debt, security automation, software vulnerabilities, technical debt, transitive dependencies, vulnerability managementManual vulnerability remediation drains time, innovation, and security. Learn how intelligent remediation eliminates hidden technical debt and accelerates DevSecOps ...
Why Nano Updates Only Work if You Begin with the Latest and Greatest Software
Dustin Kirkland | | automated updates, CI/CD, container updates, continuous delivery, continuous improvement, CVE reduction, Dependency Management, devsecops, engineering and security collaboration, legacy modernization, Linux base images, modern software stacks, nano updates, secure development practices, security patching, software hygiene, software maintenance, software updates, technical debt, vulnerability managementIs there a silent threat of technical debt looming in your organization? You probably should take a deeper look. Modern software systems are composed of hundreds of interdependent components. How are you ...
Establishing Visibility and Governance for Your Software Supply Chain
Parth Patel | | application security, asset visibility, attack surface management, build-time security, Cloud Governance, context-aware security, cybersecurity governance, dependency tracking, eBPF runtime analysis, Kubernetes Gatekeeper, Log4Shell, open source security, provenance attestation, risk reduction, SBoM, SBOM automation, secure software development, SLSA, software bill of materials, software provenance, Software Supply Chain Security, supply chain risk, Third-party Dependencies, VEX, vulnerability management, vulnerability prioritizationAsset visibility and cloud governance start with SBOMs, VEX, and provenance tracking. Learn how to secure your software supply chain ...
Google’s OSV-Scanner V2: Leveling Up Vulnerability Management for Developers
Google's OSV-Scanner V2.0.0 brings enhanced vulnerability scanning with container support, interactive visualizations, and innovative remediation features ...
Vulnerability Management for DevOps Teams: A Practical Guide
Gilad David Maayan | | devsecops, Secure Software, software security, vulnerability, vulnerability managementThe goal of vulnerability management is to close the gap between discovery and resolution, thereby minimizing the window of opportunity for potential cyberattacks ...
Poor App Remediation Creates a Vicious Vulnerability Cycle
A survey of 200 security professionals found nearly 83% of respondents reported that an increase in the rate at which applications are being deployed has led to an increase in the reintroduction ...
Majority of Orgs Lack Visibility Into Container Vulnerabilities
Today’s blend of third-party application dependencies and polyglot software development often makes assessing risk difficult. With many new cloud-native deployment models, it can be tricky to discover potential vulnerabilities. These threats take ...
How to Source Vulnerability Data for True DevSecOps
Open source comes with code vulnerabilities that must be considered in the DevOps process The war between open source and “only proprietary code” is long over. Open source won the day by ...
3 Ways IoT Developers Can Make Their Applications More Secure
Larry LeBlanc | | application security, IoT, IoT developers, IoT security, National Vulnerability Database, vulnerability managementWhen the IoT was still young, IoT application developers got away with making security an afterthought, as they built prototypes and minimum viable products designed to demonstrate the different ways the IoT ...
Black Duck Targets Open Source Code Security Flaws
Open source platforms and projects offer a wide variety of benefits for organizations and developers, but they also can introduce vulnerabilities if you’re not careful. That's why Black Duck has released Security ...
