Jointly developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), ISO/IEC 29147 and ISO/IEC 30111 provide a structured framework ...

Cybersecurity risk management firm Brinqa Inc. today announced new capabilities that it says will shorten time to value and make it easier to adopt modern vulnerability management best practices. The ...

A new vulnerability database has launched in the EU, in a bid to reduce dependence on the U.S. program. Here's what you need ...

Organizations are facing an increase in cyber threats. Even well-funded security teams may find it challenging to effectively address these threats without a formal program. One effective way to ...

A new service, the Global Cybersecurity Vulnerability Enumeration (GCVE), offers an alternative to the US-led CVE ...

Federal agencies are under a binding operational directive to address exploitable security vulnerabilities in their software, but the success of CISA’s effort relies on the cooperation of software ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Patch management approaches that aren’t ...

Full-cycle vulnerability management (FCVM) is a set of cybersecurity capabilities that helps organizations better manage their IT infrastructure as well as rapidly identify and prioritize risks ...

As we pass the first anniversary of the Log4j vulnerability disclosure, it's a timely reminder that when a vulnerability is serious, it deserves our utmost attention. Organizations taking ...

A government shutdown is often framed as a budget and operations crisis—but it is also a cybersecurity risk multiplier. When ...

After years of neglect, organizations are investing in vulnerability management programs to address business risk. A dozen CISOs offer lessons learned and best practices. It was 2003, and I was giving ...