Blog

Eight events that propelled Cyber Risk Quantification and Management into the spotlight during 2022, proving that it is no longer an option, but the solution.

John Chambers, Founder and CEO of JC2 Ventures, writes about why businesses need to invest in Cyber Risk Quantification and Management in 2023.

Read our four-step guide to answering this question accurately and in real-time using SAFE Cyber Risk Quantification and Management.

The five real-time dashboards CISOs need to visualize, prioritize, and manage cyber risk and engage in dollar-driven conversations with the board.

Discover easy it is to deploy SAFE and start your Cyber Risk Quantification and Management journey (CRQM) in under 4 weeks.

The attack surface of every organization across the world is growing in complexity. Explore what this means for managing your cybersecurity risk.

Safe Security's Interactive Cost Model was tested against eight recent ransomware attacks for which financial impact data was available.

The cyber attack on Uber demonstrates that organizations must monitor their expanding attack surface and correlate your security signals in real-time.

Find out what this major policy exclusion means for global businesses and the insurance industry, as we explore the solution.

The Ponemon Institute and IBM list CRQ and security AI and automation as the top 2 methods for reducing breach losses in the 2022 Cost of a Data Breach report.

Read this write-up on CVE-2021-26855 to understand how it works, how it impacts systems and users, and how to mitigate the threat.

This blog explains how a Linux local privilege escalation vulnerability, plus a proof of concept on how to exploit it.

An unauthenticated Remote Code Execution Vulnerability in the iControl REST component of BIG-IP tracked as CVE-2022-1388.

Ever wondered how exposed your industry is to cyber risk, or how it compares to others? Use our FREE Cyber Risk calculator to find out.

By performing a directory traversal attack during file upload a pre-auth RCE vulnerability was found in DotCMS. It allows an attacker to execute server-level commands on the underlying system.

The attack comprises of performing command injection vulnerability in Lambda Functions in order to steal the AWS keys and access AWS resources as the stolen keys of the IAM role.

A deepdive into a vulnerability and exploit that utilizes the insecure "pkexec" program which allows a local user to get root access on the vulnerable system.

Cyber risk has tangible financial and operational consequences for a business. Learn how to tackle Gartner’s top 5 cyber risk questions using Risk Quantification.

Discover how CRQ enables you to assess, prioritize, and manage cyber risk in real-time, and contextually communicate cybersecurity risk to your Board.