Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CyCognito Named a Leader and Outperformer in the 2026 GigaOm Radar for ASM

In 2026, the ASM scorecard has moved well past discovery. The market is shifting from visibility to validated proof: what’s exploitable, what connects to critical systems, and what requires immediate action. The latest GigaOm Radar for Attack Surface Management is anchored to that bar. Across 32 vendors, it highlights the platforms that have moved beyond inventory into contextual prioritization and actionable validation. This is the turning point CyCognito is built for.

Mapping and Managing AI Supply Chain Risk (Featuring Panorays)

-Recent breaches show AI risk is already present in many environments, often entering through suppliers, data flows, and integrations. But awareness alone is not enough. CISOs and security leaders must actively manage the expanded attack surface AI creates. In this session, experts from CyCognito and Panorays help you understand how to identify AI relationships, assess the risks they pose, and remediate vulnerabilities before they lead to an incident. You’ll learn.

Emerging Threat: Cisco Catalyst SD-WAN Authentication Bypass (CVE-2026-20127)

CVE-2026-20127 is a critical authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller (vSmart) and Cisco Catalyst SD-WAN Manager (vManage). The flaw stems from improper validation within the control plane and management plane authentication mechanisms, allowing a remote, unauthenticated attacker to submit crafted requests that bypass standard authentication controls. Successful exploitation results in access to the system as a high-privileged internal user account.

Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface

Amazon Machine Images (AMIs) are templates for launching and scaling Amazon Elastic Compute Cloud (EC2) instances. Because Amazon EC2 AMIs are reused across environments and automation pipelines, decisions about how you build, source, manage, and share them directly affect your cloud attack surface.

Emerging Threat - Dell RecoverPoint for VMs Hardcoded Credential (CVE-2026-22769)

CVE-2026-22769 is a hardcoded credential vulnerability affecting Dell RecoverPoint for VMs, a disaster recovery orchestration platform used to manage replication and failover of virtualized workloads. The issue stems from static authentication credentials embedded within a product component. Because these credentials are not uniquely generated per deployment and cannot be changed by administrators, they introduce a structural authentication weakness.

Permission to Ignore: Leveraging the CTEM Framework to Focus on Real Risk

Security frameworks have always had a gap. They tell you to find vulnerabilities and fix them, but they’ve rarely provided a system to determine which ones actually matter before you tap into your most expensive resource: engineering time. CTEM changes the game by treating security as a continuous lifecycle rather than a series of silos.

Dangling DNS in the AI Era: The Silent Attack Surface Expanding Beneath Your Feet

Artificial intelligence is accelerating digital transformation at an unprecedented pace. New AI-driven applications, copilots, data pipelines, APIs, and cloud services are spinning up faster than ever before. But while innovation moves at machine speed, governance often lags behind. The result? A rapidly expanding external attack surface filled with forgotten assets, abandoned cloud resources, and misconfigured DNS records — many of them quietly waiting to be hijacked.

Emerging Threat: CVE-2026-1731 - BeyondTrust Privileged Access Exposure Risk

CVE-2026-1731 is a vulnerability disclosed in products developed by BeyondTrust. At the time of writing, publicly available technical details regarding the root cause, vulnerable code paths, and exploitation prerequisites remain limited. Based on initial advisory information, the issue affects components involved in privileged access or remote access workflows, which are typically deployed to manage high-value credentials, session brokering, or secure administrative access to enterprise systems.

From Activity to Impact: How CTEM Refocuses Security KPIs

For years, security programs reported progress using the same familiar metrics: number of vulnerabilities, patch rates, backlog size. These metrics became the default scorecard not because they reflected risk, but because they were easy to produce. The problem is that these metrics do not measure security improvement. They measure activity. Vulnerability counts rise and fall with scan cadence. Patch rates spike around maintenance windows. Backlogs grow when coverage improves.