CVE, CVSS, and the Mistake Most Teams Keep Making

Modern software systems are exposed to a constant stream of disclosed vulnerabilities. Thousands of new issues are published every year across operating systems, runtimes, libraries, and frameworks. Treating all of them as equally urgent is not realistic, and trying to do so often leads to ineffective security work. To manage this volume, the security community relies on two foundational mechanisms: CVE and CVSS.

Securing LLMs: Insights into OWASP Top 10 | Maryia Tuleika | TTTribeCast Webinar

AI can feel like a black box, but when it is tested like any other system, unexpected weaknesses begin to surface. This session explores how large language models can be pushed into unsafe or unintended behavior, revealing that AI is not immune to flaws, poor decisions, or broken assumptions.

What is Exposure Management? Explained for Vulnerability Management Teams

If you're a vulnerability management professional or have experience leading teams that do vulnerability management, you know CVEs inside and out. You've got your scanning tools configured, your patch cycles running, and your CVSS score thresholds set. But lately, something probably feels off. Maybe it's the fact that breaches keep happening despite all the patching. Maybe it's that your CVE count keeps growing faster than you can remediate. Or maybe you're just tired of explaining why that "critical" vulnerability in a disconnected test server isn't actually critical.

Simulating Multi-Agent Workflows to Find Hidden API Vulnerabilities

API gateways are often viewed as the centralized entry point for client HTTP requests in a distributed system. They act as intermediaries between clients and backend services, managing API request routing, load balancing, rate limiting, access control, and traffic shaping across multiple backend services. This API management is vital for many services and products, but many organizations can put too much stock in it.

What Is CVE? Common Vulnerabilities and Exposures Overview

Common Vulnerabilities and Exposures (CVE) collects known cybersecurity vulnerabilities and exposures to help you better safeguard your embedded software. This framework is central to managing security threats effectively. Here, we explain what CVE is, unpack the role of CVE identifiers, examine the differences between CVE and CWE, expand on the CVE list, and outline how identifying vulnerabilities early in software development can be achieved with the right static analysis tools.

CVE Funding Disruption: How Security Teams Can Prepare

The longstanding Common Vulnerabilities and Exposures (CVE) database has been a vital guide for security teams for over 20 years, connecting cybersecurity experts, developers, vendors, and researchers in their shared ability to track unknown vulnerabilities in software. But in April of 2025, the MITRE CVE database program was in jeopardy. U.S. government funding for CVE, managed by MITRE and sponsored by CISA, was set to expire. Only in the 11th hour was funding secured, and the contract extended — for now.

API Security Testing 101: Protecting Your Data From Vulnerabilities

Data is vital to everything we do in the modern world. When it comes to data, we cannot ignore APIs. They act as the internet’s functional backbone, helping in the smooth transfer of data between servers, apps, and devices. APIs must be protected from risks and vulnerabilities because they are used at every step. This is where security testing for APIs comes in.

Common Vulnerability Scoring System: What Is CVSS in Cybersecurity?

The Common Vulnerability Scoring System (CVSS) and the National Vulnerability Database (NVD) help you properly assess which software vulnerabilities should be your top priority. Here, we explain what the National Vulnerability Database (NVD) is, what the Common Vulnerability Scoring System is, and how CVSS is used to calculate risk. Read along or jump to the section that interests you the most.

Vulnerability Assessment vs Penetration Testing: Key Differences

Cyber threats are getting smarter, and businesses need to stay one step ahead. That’s where Vulnerability Assessments (VA) and Penetration Testing (PT) come in. Both play a crucial role in cybersecurity, but they’re not the same thing. Consider it this way: a vulnerability assessment is similar to a regular health check-up—it identifies potential problems early.