Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Attaxion Releases Agentless Traffic Monitoring for Immediate Risk Prioritization

Attaxion announces the addition of the Agentless Traffic Monitoring capability to its exposure management platform. Agentless Traffic Monitoring is a new capability designed to give cybersecurity teams actionable visibility into network traffic flowing to and from their digital assets - all without the need to deploy any agents or sensors on these assets.

What's New in CyCognito: August 2025 Platform Enhancements

Security teams need automation, clarity, and speed to stay ahead. This month’s updates continue to refine the CyCognito experience so you can maintain an accurate asset inventory, pivot through investigations quickly, and share the right information with stakeholders. In the past few weeks we delivered improvements across automation (including Action Rules), APIs improvements, new investigation and management options, and reporting controls for PDFs. Below is a detailed look at what is new.

Why Gartner Declared EASM Obsolete Before it Became Mainstream

Hint: EASM by itself is a means, not an end. In the rapidly evolving landscape of cybersecurity, few innovations have shown as much early promise as External Attack Surface Management (EASM). Its core value proposition the ability to continuously discover, inventory, and monitor all internet-facing assets of an organization was compelling from the start. Yet, despite its utility and adoption across multiple cybersecurity disciplines, Gartner recently declared EASM an obsolete standalone product category.

CVE202554253 & CVE202554254 in Adobe Experience Manager Forms - What You Must Know

Adobe Experience Manager (AEM) Forms on Java Enterprise Edition (JEE) has suffered two critical vulnerabilities CVE‑2025‑54253 and CVE‑2025‑54254 disclosed in early August 2025. According to Adobe, both flaws carry public proof-of-concept (PoC) exploits, though there are no known in-the-wild attacks as of today.

Remote DNS Manipulation at Scale: How IONIX Uncovered 20,000 Malicious Subdomains from a Single Abused NS Record

Our threat-hunting team just uncovered a mass-produced remote DNS-manipulation campaign that hijacked an entire nameserver (NS) delegation belonging to a Fortune 500 company. Within hours, the attacker used that foothold to create over 9,500 brand-new subdomains, all resolving to the same criminal infrastructure serving illicit gambling pages.

External Attack Surface Management (EASM): A Guide for Devs & Security Engineers

If you’re part of a cloud-first organization, building in fintech, healthcare, SaaS, or any environment where infrastructure shifts fast and data matters, external risk isn’t theoretical; it’s operational, with breach patterns evolving and compliance expectations tightening, visibility into what you’ve exposed online is no longer optional.

Seeing Your APIs Attack Surface Through an Attacker's Eyes: Introducing Salt Surface

Your API attack surface is larger and more exposed than you realize. In today's complex, cloud-native environment, APIs are deployed at an astonishing rate. While this rapid pace fuels innovation, it also creates a significant visibility gap. The APIs you are aware of and manage are only the tip of the iceberg. Your actual risk exists beneath the surface, in the undocumented, unmanaged, and forgotten APIs that traditional security tools completely overlook.

How DevOps Teams Can Use IONIX for Zero-Fuss Daily Ops

Our DevOps environment moves fast. Cloud instances spin up and down. Containers launch and retire. New APIs appear without warning. Trying to track it all with scripts, spreadsheets, and one-off scans meant I often missed things. A TLS certificate would slip through. An open port would go unnoticed. I’d spend hours chasing down who owned an asset.

Attack Surface to Action: The Power of Censys ASM + Seemplicity

Security teams juggle a multitude of tools to keep their organizations safe. One platform scans for exposed assets, another tracks vulnerabilities, and yet another manages remediation tasks – and the list goes on. Organizations use an average of 38 different security products, leading to fragmented processes and a lot of “noise” in the form of findings. It’s no surprise that 85% of security professionals say all this noise makes it challenging to reduce risk quickly.