Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Custom Risk Scoring Is the Missing Link Between Disconnected Findings and Real Exposure Management

Most large organizations rely on multiple vulnerability and exposure scanning tools out of necessity. Infrastructure scanners, cloud security platforms, application security testing tools, container scanners, and attack surface management solutions all play a role. Each one is designed to answer a specific question. But when it comes to understanding the risk of the vulnerabilities and exposures they detect, each tool has its own approach to quantifying it.

The Philanthropist's Take: Bolstering Cyber Civil Defense

“Doing well by doing good” – there’s something to be said for that. Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Craig Newmark (Founder, craigslist, Craig Newmark Philanthropies) for this discussion on: SecurityScorecard monitors and scores over 12 million companies worldwide. Find your company's security score for free at SecurityScorecard.com. Follow our CEO Dr. Aleksandr Yampolskiy.

Securing AI Where It Acts: Why Agents Now Define AI Risk

In the first round of the AI gold rush, most conversations about AI security centered on models: large language models, training data, hallucinations, and prompt safety. That focus made sense when AI was largely confined to generating text, images, or recommendations. But that era is already giving way to something far more consequential.

Ensuring Institutional AI Ownership With the AI Compliance Officer

Artificial intelligence (AI) systems and generative AI (GenAI) tools have already been embedded across enterprise operations in a myriad of ways that trigger compliance obligations, both in terms of AI-specific regulations and other reporting mandates. In many cases, this adoption is occurring informally, through employee-driven tools or AI features embedded within third-party platforms, without centralized visibility or approval.

Security's Next Turning Point Is the Workforce

Cybersecurity is entering a turning point. It has less to do with new tools than a new reality: the workforce has changed. For years, security programs assumed risk lived in systems, controls, and configurations. People were the variable managed through policies, training, and best-effort awareness. That model was already under strain. Now it is being outpaced.

Understanding Open-Source License Risk in Modern Software

Open source is one of the best things to ever happen to software development. It is also one of the easiest ways to accidentally ship legal obligations you did not sign up for. Most teams know they rely heavily on open-source dependencies. Fewer teams know exactly what licenses those dependencies use, what obligations come with them, or how those licenses travel through transitive dependencies and container images. That gap is what we call open-source license risk.

The Data Scientist's Take: Making AI Work for the Enterprise

In retrospect, it’s a lot easier to determine whether or not something has been overhyped. But for the moment? We’re bullish on agentic systems – and their adoption. Is your enterprise ready for the age of autonomous AI? Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Ilya Mezyin (SVP, Head of Data Science, Dun & Bradstreet) for this discussion on: SecurityScorecard monitors and scores over 12 million companies worldwide. Find your company's security score for free at SecurityScorecard.com.

Meet GitGuardian's Machine Learning-Powered Risk Scoring

The GitGuardian Platform now automatically ranks every secrets incident with a risk score from 0–100, turning alert floods into a prioritized, trustworthy work queue. Scores are computed from incident context (like validity, exposure, where it was found, and exploitability) and build on existing ML capabilities like Secret Enricher and our False-Positive Remover, which cuts false positives by 80%+.

4 Predictions Our Researchers Say Could Break (or Break Through) in 2026

As we step into 2026, Bitsight researchers are closely watching key developments across the cyber risk landscape. Their insights reveal a dynamic tension between rising threats and new opportunities to strengthen defenses. Here's what they predict for the year ahead, and what security teams should be prepared to navigate.