Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

What is Attack Surface Management?

With the rise of hybrid work and software-as-a-service (SaaS) applications for core business functions, as well as the near ubiquity of the cloud, organizations’ attack surfaces are no longer easily defined. In many cases, they are rapidly expanding. This presents both new opportunities for threat actors and new challenges for security teams, giving rise to a new tactic for security posture improvement — attack surface management.

Prioritizing Critical Third-Party Assets to Protect Your Extended Attack Surface

The enterprise attack surface now extends well beyond the network firewall. As a result, Third Party Risk Management Teams are increasingly becoming an extension of Security Operations Centers, responding in times of crisis to questions of who, what, and more urgently, how and when. The line between ‘their exposure’ and ‘our risk’ is almost non-existent. But bridging the gap between data and platforms can be challenging.

Can Autonomous LLM Agents Exploit One Day Vulnerabilities?

When generative AI first emerged, the cybersecurity community primarily focused on two promising benefits. However, a concerning “third angle” has now been demonstrated: AI as an attacker – powerful AI systems in the hands of malicious actors, autonomously exploiting vulnerabilities with minimal human guidance.

Dynamic IPs Are Breaking Security - Here's How to Fix It

Organizations rely on stable systems to run their operations. Unfortunately, the IP addresses representing these systems can change frequently. This is especially challenging for cybersecurity, where identifying and tracking assets by IP address is crucial. Dynamic IP management is the practice of identifying, tracking, and contextualizing systems that use dynamic IPs to ensure accurate visibility, reduce noise, and maintain a continuous security posture.

Emerging Threat: PAN-OS CVE-2025-0108

On February 12, 2025, Palo Alto Networks announced CVE-2025-0108, a high severity (8.8) authentication bypass vulnerability affecting Palo Alto Networks PAN-OS management web interface. Successful exploitation of this vulnerability allows unauthenticated attackers with network access to invoke certain PHP scripts without proper authentication. While it does not lead to remote code execution, it impacts the confidentiality and integrity of the affected system.

Exploited! PANOS Authentication Bypass Vulnerability (CVE20250108)

Recently, Palo Alto Networks disclosed CVE‑2025‑0108—a high-severity authentication bypass in the PAN‑OS management web interface. Although the flaw does not enable remote code execution, it compromises the confidentiality and integrity of management functions. In this post, we’ll break down the technical details, discuss the exploitation methodology, illustrate configuration and code examples, and outline effective mitigation strategies.

Security Risks in Internet-exposed SCADA in Manufacturing

Industrial control systems (ICS) and SCADA (Supervisory Control and Data Acquisition) environments were never designed to be exposed to the internet. Yet, as manufacturing enterprises embrace digital transformation, they find themselves in a challenging position—balancing operational efficiency with cybersecurity risk.

What Is CTEM? Understanding Gartner's CTEM Framework

In the world of cybersecurity, nothing stays still for long. The endless proliferation of new technologies and rapidly shifting threat landscapes forces organizations to continually reevaluate their approach to risk. Over the last two decades, security teams have leaned heavily on vulnerability management (VM) solutions to identify, classify, and patch software vulnerabilities on internal assets.