|
By Nucleus
Company Appoints Jeremiah Grossman to Board of Directors and Adds Tamir Hardof as Chief Marketing Officer.
|
By Dani Woolf
Nucleus Security is proud to announce its recent achievement of Federal Risk and Authorization Management Program (FedRAMP®) authorization at impact level Moderate, making it the go-to choice for government agencies seeking top-tier vulnerability management solutions.
|
By Kevin Swartz
Vulnerability prioritization is one of the most important steps in managing cybersecurity risks effectively. Ideally, security teams would address every vulnerability immediately upon detection. However, the reality is far from ideal because of the overwhelming number of vulnerabilities and their escalating volume among other challenges, like severity spectrum differences requiring nuanced assessment, evolving threats, or resource constraints.
|
By Kevin Swartz
As of February 12, 2024, the National Cyber Security Centre (NCSC) has released Version 2.0 of its vulnerability management guidance. This update provides organizations with the latest strategies and practices to identify, assess, and manage cybersecurity vulnerabilities effectively. The NCSC’s updated guidance on vulnerability management outlines the importance of proactively managing vulnerabilities to secure technical estates.
|
By Nucleus
Nucleus Security announces it has secured $43 million in Series B funding led by Arthur Ventures and Lead Edge Capital. This milestone marks a significant leap forward in the company's mission to redefine how enterprises manage risk exposure from vulnerabilities across infrastructure, cloud, and application portfolios in one unified platform.
|
By Steve Carter
We at Nucleus Security are thrilled to share our journey and vision following our recent $43 million Series B funding round. This investment, led by Arthur Ventures and Lead Edge Capital, is a testament to our commitment to leading the charge in vulnerability management innovation and our dedication to protecting digital infrastructures worldwide. Read the full press release here.
|
By Sonia Blanks
Welcome to the Nucleus Product Update 4.1. It’s a new year with new things to get excited about together. Here’s to making 2024 a great one! 🥳 This update outlines lots of Nucleus happenings you don’t want to miss, including: We’re also including a link to our latest webinars, which are value-packed sessions you don’t want to miss. Get the details for all updates below.
|
By Dani Woolf
I’ll be honest – the last time someone asked me to assess my behavior was in therapy. Difficult? Yes. Who likes to audit themselves? But that process taught me something valuable: evaluating ourselves, even when uncomfortable, propels us forward. In my many conversations with security professionals, one common theme emerges. We need continuous progress forward as security organizations for the business.
|
By Gil Azaria
Imagine navigating the vast, unpredictable ocean, where every wave and current brings a new challenge. This turbulent navigation experience mirrors the journey of companies navigating the complex world of cloud environments, filled with hidden dangers such as security vulnerabilities, misconfigurations, and compliance violations. In these deep digital seas, where threats lurk unseen, it’s crucial to have vigilance, a sophisticated understanding, and a guiding tool to illuminate the path ahead.
|
By Scott Kuffer
In working with customers across different enterprises and experiencing it myself, the challenges in managing vulnerabilities effectively are felt. Drawing from the insights of customers and my experiences, I’ve learned much about using Service Level Agreements (SLAs) in the vulnerability remediation process.
|
By Nucleus
In this webinar, Scott Kuffer discusses the challenges and best practices of vulnerability management workflows and ticketing. He emphasizes the discrepancy between vulnerability management teams' priorities and the priorities of the business as a whole. Scott explores different ticketing workflows, starting with basic vulnerability-based tickets and progressing to more advanced options such as asset-based, team-based, and action-based tickets. He highlights the benefits of automating ticket creation and reporting, as well as the potential for redefining how vulnerability management is approached within organizations.
|
By Nucleus
Single Pane of Glass (SPOG) is a common buzzword that sends shivers down the spines of technical folks everywhere. Yet, executive teams ask for it, especially in vulnerability management. At the same time, the complex and fragmented nature of modern IT environments wreaks havoc on organizations aiming to understand their current location related to remediating and patching risks. So, what exactly is a single pane of glass, and what does it look like for enterprises today?
|
By Nucleus
In this presentation, we explore the intersection of vulnerability intelligence and prioritization frameworks such as CVSS and SSVC as a means for strategically and rapidly prioritizing vulnerabilities to stay ahead of exploitation risks. We delve into the process of applying real-time threat intelligence tailored to the vulnerability landscape to enhance decision-making, optimize resource allocation, and ensure a precise and proactive defense against cyber threats.
|
By Nucleus
Scott Kuffer, COO and co-founder of Nucleus Security, and Sonia Blanks, Director of Product Marketing of Nucleus Security, discuss the role of automation in vulnerability management. They emphasize the importance of looking beyond individual parts of the process and instead focusing on automating the entire ecosystem. Scott shares insights on how to streamline the vulnerability management process, including the need for thorough preparation and defining desired outcomes.
|
By Nucleus
With so many vulnerabilities to address and potential threats looming, how can organizations prioritize and respond effectively? Enter Vulnerability Threat Intelligence (VTI). This knowledge not only aids in pinpointing vulnerabilities but also shapes strategies for risk acceptance and rapid responses to zero-day threats. Join our webinar where Patrick Garrity from Nucleus Security, Caleb Hoch from Google, and Jared Semrau from Mandiant, uncover how to effectively leverage vulnerability threat intelligence (VTI).
|
By Nucleus
In this video, Patrick Garrity, Cybersecurity Researcher and VP at Nucleus, deep dives into the public preview of the Exploit Prediction Scoring System (EPSS).
|
By Nucleus
Product security and vulnerability management have become critical components of an organization's overall cybersecurity strategy. However, these two teams often face challenges in working together effectively, leading to misalignment and potential security gaps. Patrick Garrity hosted a roundtable discussion with industry experts Matthew Clapham and Scott Kuffer to share applied lessons from product security teams and vulnerability management.
|
By Nucleus
Patrick Garrity, Security Researcher at Nucleus Security, discusses the rise of vulnerabilities exploitation and threat intelligence in the field of vulnerability management. He highlights the history of vulnerability management, the increase in vulnerabilities and exploitation, the limitations of the common vulnerability scoring system (CVSS), and the emergence of vulnerability threat intelligence. Patrick also emphasizes the importance of open-source intelligence, such as CISA's Known Exploited Vulnerabilities (KEV) List and the Exploit Prediction Scoring System (EPSS), as well as the value of commercial threat intelligence.
|
By Nucleus
Patrick Garrity, Security Researcher at Nucleus Security, interviews Aleksandr Yompolski, CEO of Security Scorecard, about the evolving cybersecurity landscape and the role of security ratings and risk assessments. They discuss the challenges organizations face in defending against exploitation attacks, the need for collaboration and communication in the industry, and the importance of balancing security and business agility.
|
By Nucleus
When you’re managing cybersecurity at the enterprise level, it’s crucial to have a full breadth of understanding of the ins-and-outs of your enterprise vulnerability management program — including all of the challenges that come along with it. Only then can you begin to effectively prioritize risks and get ahead of vulnerabilities as quickly as possible. In this webinar, join our panelists of cybersecurity experts as they discuss.
|
By Nucleus
Many organizations are using outdated, highly inefficient, and time consuming VM processes that leave security personnel struggling to keep up. As the vulnerability landscape continues to evolve rapidly, the processes used to discover, track, and remediate them has failed to evolve with it.
|
By Nucleus
Vulnerability exploitation is involved in over half of breaches, making it a huge risk to organizations. And the problem only continues to balloon year over year... both in the speed at which attackers are capitalizing on exploited vulnerabilities, and in the way that technology and assets outgrow most organization's current vulnerability management programs. In this series, we're going to be breaking down how vulnerability management has grown and evolved over time, plus how to modernize your program using things like risk-based vulnerability management.
|
By Nucleus
There are hundreds of statistics you could collect and monitor to use as guiding metrics, but that doesn't mean it's a good idea to do so. Learn the four most critical metrics to track in vulnerability management, and what they tell us about the health of your program.
- April 2024 (4)
- March 2024 (2)
- February 2024 (7)
- January 2024 (4)
- December 2023 (3)
- November 2023 (5)
- October 2023 (5)
- September 2023 (1)
Nucleus is a Risk Based Vulnerability Management (RBVM) solution that automates vulnerability management processes and workflows, enabling organizations to mitigate vulnerabilities 10 times faster, using a fraction of the resources that it takes to perform these tasks today.
The only Risk-Based Vulnerability Management Platform purpose-built for the world’s most complex enterprises:
- Vulnerability Management: Mitigate vulnerabilities 10X faster, using a fraction of resources.
- Application Security: Accelerate AppSec to the Speed of Operations & ship secure code faster.
- Government: Ensure compliance and control access to data any way you choose.
- MSSPs: Manage all clients from a single platform with true multi-tenancy.
Unified Vulnerability Management.