Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

RSA Conference 2025 in San Francisco was a breath of fresh air, literally and figuratively. The city felt more vibrant and welcoming, and the conference buzzed with genuine excitement. Unlike previous years, which were dominated by hype and theoretical discussions, this year’s focus was on tangible (not yet game-changing!) AI applications in cybersecurity. AI extended throughout the conference, from the keynotes through the track sessions and into the exhibition hall.

Recently, industry analyst Jon Oltsik outlined a critical shift underway in cybersecurity: the move toward a threat-informed defense. As Oltsik describes, organizations are beginning to strengthen the intersection of vulnerability scanning and threat intelligence, using AI to bolster asset classification and risk scoring. This evolution is essential as enterprises seek to move beyond fragmented security practices and build a more cohesive exposure management strategy.

In our recent article on Continuous Threat Exposure Management (CTEM), we highlighted how exposure assessment platforms (EAPs) like Nucleus can support several critical phases of the CTEM framework. In that article, we intentionally separated the scoping step from the other technology-dependent CTEM stages. Scoping begins as a business- and process-driven exercise. However, doing scoping well and at scale relies more on having the right technology.

All the major vulnerability scanning vendors have strengths, but asset tracking isn’t one of them. Some workarounds exist. However, if you are using one of the most popular vulnerability scanning tools, it’s likely you will struggle with asset tracking.

Traditional vulnerability management is broken. It is ineffective. The process of scanning for software vulnerabilities, prioritizing based on CVSS scores, and fixing what you can has become an endless patch cycle. The need for a better approach is clear. Different scanning tools are creating millions of alerts, obscuring critical risks within the noise. Organizations need to go beyond finding and patching vulnerabilities and opt in to a more effective approach to managing exposures.

Every day, security teams are expected to manage risks in cloud environments that they don’t fully control, can’t always see, and that are constantly changing. Cloud-native assets—such as container workloads, autoscaling groups, and serverless functions—are highly dynamic, appearing, disappearing, and evolving in response to demand and functionality changes.