Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We at Nucleus Security are thrilled to share our journey and vision following our recent $43 million Series B funding round. This investment, led by Arthur Ventures and Lead Edge Capital, is a testament to our commitment to leading the charge in vulnerability management innovation and our dedication to protecting digital infrastructures worldwide. Read the full press release here.

Welcome to the Nucleus Product Update 4.1. It’s a new year with new things to get excited about together. Here’s to making 2024 a great one! 🥳 This update outlines lots of Nucleus happenings you don’t want to miss, including: We’re also including a link to our latest webinars, which are value-packed sessions you don’t want to miss. Get the details for all updates below.

I’ll be honest – the last time someone asked me to assess my behavior was in therapy. Difficult? Yes. Who likes to audit themselves? But that process taught me something valuable: evaluating ourselves, even when uncomfortable, propels us forward. In my many conversations with security professionals, one common theme emerges. We need continuous progress forward as security organizations for the business.

Imagine navigating the vast, unpredictable ocean, where every wave and current brings a new challenge. This turbulent navigation experience mirrors the journey of companies navigating the complex world of cloud environments, filled with hidden dangers such as security vulnerabilities, misconfigurations, and compliance violations. In these deep digital seas, where threats lurk unseen, it’s crucial to have vigilance, a sophisticated understanding, and a guiding tool to illuminate the path ahead.

In working with customers across different enterprises and experiencing it myself, the challenges in managing vulnerabilities effectively are felt. Drawing from the insights of customers and my experiences, I’ve learned much about using Service Level Agreements (SLAs) in the vulnerability remediation process.

In the culinary world, the adage “too many cooks spoil the broth” warns of the chaos and disarray that can arise from too many opinions and actions in the kitchen. However, this concept takes an intriguing twist in the realm of cybersecurity.

Welcome to the Nucleus Product Update 3.9. As we approach Thanksgiving, we’d like to start by expressing our appreciation for you and the rest of the Nucleus family. Thank you for being a part of our community and contributing to our collective growth and success. We have so much to be thankful for this year, especially YOU! We hope you have a wonderful holiday celebrating all there is to be grateful for and enjoying a great meal with the people you love most.

The financial sector is constantly adapting to emerging threats and regulatory changes. The New York Department of Financial Services (NYDFS) is at the forefront of cybersecurity regulation, ensuring that covered entities within the state maintain robust cybersecurity programs. In this blog post, we’ll dive into the recent changes to NYDFS regulations, specifically focusing on vulnerability management and an updated definition of risk assessment.

In vulnerability management (VM), the task of sifting through vast amounts of data to pinpoint critical insights can feel like searching for a needle in a haystack, specifically a haystack with many precious needles that all look alike. And, of course, the one needle you’re looking for is mission-critical and can mean the difference between securing your business and leaving it open to attack.

When we first built the CISA KEV enrichment dashboard at Nucleus, our goal was to gain new insights into the vulnerabilities that had been confirmed by CISA as being exploited. Recently, CISA expanded the Known Exploited Vulnerabilities Catalog with vulnerabilities “known to be used in ransomware campaigns”. We find this data valuable in helping organizations identify which vulnerabilities on the KEV pose greater risk.