Best Practices

Vulnerability prioritisation

Vulnerability prioritisation and validation: continuous threat exposure management (CTEM) series #2

Cutting the rising cost of DevSecOps

Tackling vulnerabilities at source: How to cut the rising cost of DevSecOps

How the Software as a Service (SaaS) model creates single points of failure

UK retail cyber-attacks a ‘wake-up call’, SaaS overreliance ‘creating single points of failure’, calls for global regulatory alignment – OffSec roundup for CISOs

EUCC CERT SCHEME, implications for vuln management

EUCC cyber certification scheme enters early adopter phase after vulnerability disclosure rules issued

Bug Bounty in the age of AI: a deep dive for CISOs

Mitigating AI cybersecurity risks with Bug Bounty Programs: A deep dive

AI software developer, depicted as humanoid robot, does some coding

Junior devs ‘can’t actually code’, AI coding risks, security researchers decry inscrutable AI – OffSec roundup for CISOs

Vulnerability or bug management cycle

Vulnerability management reboot sought, CISOs more influential in boardroom, Trump’s cyber overhaul – OffSec roundup for CISOs

DORA enters into force: 5 ways YesWeHack’s offensive security platform can bolster your Digital Operational Resilience Act compliance

DORA now in force: 5 ways YesWeHack’s offensive security platform can bolster your Digital Operational Resilience Act compliance

Futuristic Sci-Fi glowing HUD clock fading, representing how the clock is now ticking on Cyber Resilience Act compliance

Clock ticking on Cyber Resilience Act compliance, Bug Bounty forecasts, intriguing CISA red team find – OffSec roundup for CISOs

The clock for compliance with the EU Cyber Resilience Act has now started ticking

Cyber Resilience Act: compliance countdown set to start for EU law focused on eliminating vulnerabilities

Attack surface discovery illustrated with nodes that represent attack vectors and text that reads: ‘mapping your attack vectors’

Attack surface discovery: mapping your exposed vectors with continuous threat exposure management (CTEM)

EU flag signifies NIS 2 entering into force and the Cyber Resilience Act being adopted

NIS 2 in force, Cyber Resilience Act adopted, CISA hails VDP impact – OffSec roundup for CISOs