A Year in Review: 8 Reasons Why the Time is Now for Cyber Risk Quantification and Management
Eight events that propelled Cyber Risk Quantification and Management into the spotlight during 2022, proving that it is no longer an option, but the solution.
2023 is the Year of Cyber Risk Quantification
John Chambers, Founder and CEO of JC2 Ventures, writes about why businesses need to invest in Cyber Risk Quantification and Management in 2023.
How Likely is Your Organization to be Breached?
Read our four-step guide to answering this question accurately and in real-time using SAFE Cyber Risk Quantification and Management.
Reporting Cyber Risk: The Top 5 Dashboards for CISO Success
The five real-time dashboards CISOs need to visualize, prioritize, and manage cyber risk and engage in dollar-driven conversations with the board.
How Easy is it to Deploy SAFE?
Discover easy it is to deploy SAFE and start your Cyber Risk Quantification and Management journey (CRQM) in under 4 weeks.
How to Manage Risk From Attack Surface Expansion
The attack surface of every organization across the world is growing in complexity. Explore what this means for managing your cybersecurity risk.
Interactive Cost Model Shows high Accuracy in Financial Loss Prediction
Safe Security's Interactive Cost Model was tested against eight recent ransomware attacks for which financial impact data was available.
The Uber Breach: Why real-time monitoring of signals across your attack surface is crucial
The cyber attack on Uber demonstrates that organizations must monitor their expanding attack surface and correlate your security signals in real-time.
Lloyds of London excludes state-backed cyber attacks from insurance coverage
Find out what this major policy exclusion means for global businesses and the insurance industry, as we explore the solution.
Halve the Cost of a Data Breach with Cyber Risk Quantification
The Ponemon Institute and IBM list CRQ and security AI and automation as the top 2 methods for reducing breach losses in the 2022 Cost of a Data Breach report.
Microsoft Exchange Server-Side Forgery Request (Proxylogin)
Read this write-up on CVE-2021-26855 to understand how it works, how it impacts systems and users, and how to mitigate the threat.
“DIRTY PIPE” LINUX LOCAL PRIVILEGE ESCALATION [CVE-2022-0847]
This blog explains how a Linux local privilege escalation vulnerability, plus a proof of concept on how to exploit it.
Critical RCE vulnerability in F5 BIG-IP [CVE-2022-26352]
An unauthenticated Remote Code Execution Vulnerability in the iControl REST component of BIG-IP tracked as CVE-2022-1388.
Safe CRQ Calculator
Ever wondered how exposed your industry is to cyber risk, or how it compares to others? Use our FREE Cyber Risk calculator to find out.
Critical RCE in dotCMS Content Management Software
By performing a directory traversal attack during file upload a pre-auth RCE vulnerability was found in DotCMS. It allows an attacker to execute server-level commands on the underlying system.
AWS Lambda Command Injection
The attack comprises of performing command injection vulnerability in Lambda Functions in order to steal the AWS keys and access AWS resources as the stolen keys of the IAM role.
PwnKit: Local Privilege Escalation Vulnerability
A deepdive into a vulnerability and exploit that utilizes the insecure "pkexec" program which allows a local user to get root access on the vulnerable system.
How CISOs can Answer Gartner’s Top 5 Questions from the Board using CRQ
Cyber risk has tangible financial and operational consequences for a business. Learn how to tackle Gartner’s top 5 cyber risk questions using Risk Quantification.