CyCognito Blog
Research
Research
External Risk Insights: Mind the Gaps in the External Attack Surface
By Emma Zaballos
Product Marketing Manager
April 18, 2023
Discover valuable external risk insights. Learn how to bridge gaps in external attack surface and enhance security with actionable strategies.
Featured, Research
Shrink your External Attack Surface with Better Communications
By Jason Pappalexis
Sr. Technical Marketing Manager
March 16, 2023
Solving meaningful external risk challenges requires the right information at the right time in the hands of the right people.
Research
Study: EASM Products Boost Security While Reducing Costs
By Tom Spring
Was a Media Manager at CyCognito
November 17, 2022
What is the economic impact of adding an External Attack Surface Management platform to your 2024 cybersecurity roadmap?
Research
Heartbleed-like Critical OpenSSL Bug Impacts Versions 3+
By Emma Zaballos
Product Marketing Manager
October 30, 2022
A critical bug in OpenSSL versions 3.0+ dashes security team hopes that this Halloween will include treats and no tricks.
Research
Risky Business: Enterprises Can’t Shake Log4j
By Tom Spring
Was a Media Manager at CyCognito
August 9, 2022
Despite eradication efforts, Log4j continues to haunt large corporations eight months after the critical vulnerability was discovered.
Research
Exclusive EASM Report: Mergers and Acquisitions Top 2022 External Attack Surface Management Risks
By Tom Spring
Was a Media Manager at CyCognito
June 2, 2022
Mergers and acquisitions, poorly managed web apps and insecure PII represent biggest risks tied to external attack surfaces in 2022.
Research
Big Problem with BIG-IP: Vulnerability Alert | CVE-2022-1388 in F5 BIG-IP
By Emma Zaballos
Product Marketing Manager
May 12, 2022
On May 4th, 2022, F5 announced their internal discovery of a remote code execution (RCE) vulnerability, CVE-2022-1388, that affects all firmware versions of their BIG-IP product.
Research
One month in: CyCognito looks at Spring4Shell
By Jason Pappalexis
Sr. Technical Marketing Manager
May 5, 2022
NIST assigned Spring4Shell a score of 9.8, most likely out of concern of a similar blast radius to Log4Shell, which was trivial to exploit and very common.
Research
Detecting and Validating Spring4Shell Vulnerability: CVE-2022-22965
By Alex Zaslavsky
Was Sr. Product Manager at CyCognito
April 6, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.
Research
Set Up Your Log4J Response Plan
By Jim Wachhaus
Was Director of Technical Product Marketing at CyCognito
December 17, 2021
Based on our experience responding to these issues, advice from expert CISOs, and our community of customers here are steps for a simplified response plan you can use today and for future outbreaks.
Topics
Search the Blog
Featured Posts
Six Signs that Exposure Management is Right for Your Organization
By Jason Pappalexis
October 14, 2024
Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Emma Zaballos
September 23, 2024
Top Tags
CyCognito Research Report
State of External Exposure Management, Summer 2024 Edition
Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
O'Reilly Report
Moving from Vulnerability Management to Exposure Management
Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.
Request a Free Scan
See Exactly What Attackers See
Get a Free Scan of Your Attack Surface
Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.