Blog

How to do Vulnerability Prioritization

A helpful guide to help teams understand what goes into choosing what to fix and when

Technical Guides

Why and How to Implement Seccomp Policies

Explaining the use cases and how to implement an under-discussed Kubernetes feature

Product Reviews

What do I think about Wiz Code?

Answering my most received question from the last 2 weeks

CUPS Vulnerability Response Resources

Resources and analysis on the latest zero days: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

Comparing Aikido and Snyk for SCA Scanning

A small step towards total market coverage

Vulnerability Management Part 1 - Assets and Fixes

A three part series detailing what data is helpful for operationalizing vulnerability management (1/3)

Technical Guides

Part 1: What is Reachability

A guide into understanding what reachability is

How Container Vulns Get Fixed

Walking through the process of fixing container vulnerabilities

Shortcuts Sell

And other realities from last week's fundraising

WTF is Cloud Application Detection Response (CADR)?

Everything security teams need to detect real time attacks against modern infrastructure (Part 3/3)

The Kubernetes Gap in CNAPP

Exploring why many CNAPPs have a Kubernetes gap

CVE-2024-6387 Response Resources - "regreSSHion"

TL;DR: Qualys research team discovered an issue where you can exploit OpenSSH with a “brute force” like timing attack from the outside. This will effect vulnerable OpenSSH library versions, which is essentially any public facing Linux server open on port 22. In my opinion, the likelihood on a real