Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Recent investigation by Bitsight TRACE has discovered multiple critical 0-day vulnerabilities across six ATG systems from five different vendors.
I’ve had a number of requests to examine the finance sector in more detail including breakdowns of exactly what kind of financial organizations are experiencing greater risk and who is remediating more quickly. Here's some answers.
Want to know about Yet Another Vulnerability Scoring System (YASS)? Ben Edwards breaks down Stakeholder Specific Vulnerability Categorization and how to make it work.
An in-depth look into Web Application Security, and Bitsight's approach to related security metrics.
Our latest research, a collaboration between Bitsight TRACE & the security researcher Gi7w0rm, has uncovered additional details & information about the 7777 Botnet.
We cover investments that Bitsight is making to greatly scale out our vulnerability coverage in record time through automation.
Much of your daily life depends on Industrial Control Systems(ICSs). We’ll cover ICSs unique characteristics and some of the challenges in applying IT security practices or technology to them.
Before Crowdstrike caused the world to melt down for a few days, the talk of the security town was a recent OpenSSH vulnerability. Let's revisit CVE-2024-6387.
Bitsight's analysis of the CrowdStrike outage and timeline mysteries.
Curious about software vulnerabilities and their fixes? Check out my latest blog on KEV exposures and common weaknesses for surprising insights!
How will the prohibition of Kaspersky Lab, Inc. impact global users? Read our analysis of the prevalence of Kaspersky products used by organizations around the globe.
Learn about what the latest reduction in capacity in the NVD means for the state of vulnerabilities.
This article provides a technical analysis of Latrodectus, offering insights into its campaigns and victims up until Operation Endgame.
Discover key differences in KEV prevalence across Europe and how they impact cybersecurity strategies in this detailed blog.
This blog post details how `CVE-2021-44529` was researched as well as the current method being used to detect it.