< ciso
brief />
Tag Banner

All news with #vulnerability management tag

213 articles

Microsoft warns of more Windows security updates ahead

🛡️ Microsoft says AI-driven discovery is increasing the pace of vulnerability identification in Windows, leading to a likely rise in monthly security updates. The company uses its MDASH system to scan critical binaries and validate potential issues with multiple AI models, then runs a Windows-specific validation pipeline to reduce false positives. Microsoft also applies AI to accelerate triage, suggest fixes, and find similar bugs, while keeping humans in the review loop. The firm is updating its Secure Development Lifecycle to address AI-enabled attack techniques as adversaries also leverage AI.
read more →

Why clearinghouses aren’t the core solution

🛠️ Athena joins a crowded set of recently announced clearinghouses, but the author argues the clearinghouse itself is the least important part of the equation. Clearinghouses are simply pools of vulnerability data; the real value is in actuation — rebuilding, testing, signing, and delivering fixes where users will actually consume them. The rise of private pre-disclosure findings is a byproduct of models tested against running applications, and scale plus fast throughput matters more than the mere existence of another database.
read more →

Microsoft details SFI AI system to harden cloud

🚀 Microsoft describes a multi-agent AI system within the Secure Future Initiative (SFI) that continuously evaluates and hardens its cloud services. The system combines code, configuration, identity, network, and runtime evidence to find composite vulnerabilities and assess layered defenses. It generates assurance trees tailored to each service and produces high-quality, actionable findings that speed remediation. Microsoft reports the system compresses deep security reviews from weeks to hours and that over 90% of findings were validated by engineers.
read more →

Insignary Closes SBOM Accuracy Gap with Binary Clarity

🔍 Insignary Clarity delivers binary-first analysis that inspects what is actually built, shipped, and deployed to produce accurate SBOMs and identify open-source components that never appear in manifests. The platform generates AIBOMs, performs reachability analysis to prioritize exploitable vulnerabilities, and provides continuous alerts by monitoring stored SBOMs against updated CVE sources. Insignary is cited across multiple Gartner reports and positioned to help organizations meet evolving global regulatory requirements for binary-verified SBOMs.
read more →

2026 Exposure Gap Report: Rising Vulnerability Risk

🔍 The 2026 Exposure Gap Report reveals that vulnerabilities now account for 42.6% of critical exposure, up from 18.7% in 2025, shifting the focus of risk across connected environments. Only 7.8% of vulnerability alerts are validated as exploitable and classified as Critical or High, highlighting the need for context-aware prioritization. The report emphasizes validation, asset criticality, and evidence of exploitation to narrow large alert volumes into actionable priorities. Teams that apply consistent validation and filtering can close the exposure gap more effectively and prioritize remediation where it matters.
read more →

Monthly security roundup — June 2026 highlights

🔍 ESET Chief Security Evangelist Tony Anscombe reviews key cybersecurity stories from June 2026, assessing implications for defenders. He covers new CISA vulnerability patching rules, attacks on Internet-exposed automatic tank gauge (ATG) systems, rising imposter-scam losses reported by the FTC, and proposed UK and Canada social media bans for under-16s. Tony outlines lessons for organizations beyond federal agencies and practical steps to reduce risk.
read more →

Study Finds Decline in Trust for AI Vulnerability Scanning

🛡️ The Cobalt State of Pentesting Report 2026 surveyed roughly 450 cybersecurity professionals across 2025 and 2026 and found trust in fully automated AI vulnerability testing has dropped sharply. Reliance on AI-only testing fell from 29% to 9%, while 47% now prefer a hybrid human-plus-AI model. Respondents reported that 78% of fully automated scanners missed critical vulnerabilities, and AI/LLM issues showed longer MTTR and lower fix rates.
read more →

OpenAI expands Daybreak with GPT-5.5-Cyber release

🔒 OpenAI has expanded its Daybreak cyber-defense program, advancing patch automation with the full release of GPT-5.5-Cyber, updates to Codex Security, and a new open-source patching initiative. Access to the model is limited to verified defenders and paired with enhanced monitoring. OpenAI reports improved vulnerability reproduction and exploit-writing scores, while emphasizing human oversight and partnerships with vendors and governments.
read more →

OpenAI launches AI-driven open-source vulnerability program

🔒 OpenAI has teamed with Trail of Bits to launch Patch the Planet, an AI-assisted vulnerability research program aimed at finding and fixing flaws in widely used open-source projects. The initiative pairs models and Codex Security with human review and established disclosure channels, and has already identified hundreds of issues and merged dozens of patches. Participants include projects such as Python, Go, cURL, Sigstore, and others that underpin enterprise software supply chains.
read more →

OpenAI Expands Daybreak with GPT‑5.5‑Cyber Release

🔒 OpenAI is distributing an enhanced GPT‑5.5‑Cyber model to trusted defenders via the Daybreak program, claiming improved capability to find, validate, and patch software vulnerabilities across large codebases. The company also updated the Codex Security plugin to accelerate discovery, triage, and automated patch generation, and launched Patch the Planet with Trail of Bits to secure open‑source projects. These steps aim to help maintainers cope with the surge in AI‑driven vulnerability findings while preserving human oversight.
read more →

AWS Continuum aims to streamline code security

🔒 AWS has introduced Continuum, a service to continuously discover, investigate, and remediate vulnerabilities across first-party and third-party codebases. The platform uses AI to validate exploitability, generate remediation recommendations, and propose fixes that integrate with existing development workflows. New capabilities include automatic threat modeling in STRIDE format, while more established features derive from the Security Agent product. Continuum supports graduated trust from human-in-the-loop review to an "enforce mode" for autonomous remediation.
read more →

AWS launches Continuum to manage code vulnerabilities

🛡️ AWS has introduced Continuum, a new platform that manages code vulnerabilities across discovery, prioritization, validation and remediation. Launched at AWS Summit New York on June 17, Continuum ingests both structured and unstructured data from an organization’s environment and begins in a human-supervised "learn mode." The platform includes the AWS Security Agent and features for pen testing, code scanning and threat modelling, with outputs in STRIDE format.
read more →

Building a Model-Agnostic Vulnerability Harness

🔧 This post describes how Cloudflare evolved a single-repo security skill into a fleet-scale, model-agnostic Vulnerability Discovery Harness (VDH) and a separate Vulnerability Validation System (VVS). It explains why single-agent prompts fail at scale and why treating models as interchangeable components improves coverage. The article outlines stages like Recon, Hunt, Validate, Trace, Dedup, Gapfill, and Feedback and emphasizes persistence, strict context controls, and cross-repo reasoning.
read more →

Advancing Enterprise Security with AI-Driven Scanning

🛡️ Microsoft Security describes codename MDASH, a multi-model agentic scanning system built to discover, validate, and help remediate software vulnerabilities at enterprise scale. The system orchestrates specialized AI agents in a structured pipeline and integrates findings into Microsoft Defender, GitHub, and Azure DevOps workflows so issues become actionable engineering work. Early use across Windows, Azure, and identity teams uncovered numerous high-severity vulnerabilities before exploitation and helped raise CyberGym benchmark performance to 96.5%. The post reviews deployment lessons, failure modes, and planned improvements like fuzzing integration and broader artifact support.
read more →

AWS Continuum: Machine‑Speed Code Vulnerability Security

🛡️ AWS announces Continuum for code vulnerabilities in gated preview, designed to manage the full lifecycle of code vulnerabilities at machine speed. The service reasons over structured AWS data and unstructured organizational context, is model‑agnostic, and operates in continuous phases from discovery to remediation. It begins in a human‑in‑the‑loop learn mode and can be graduated to enforce mode for automated remediation, and incorporates pen testing, code scanning, and threat modeling capabilities.
read more →

Lessons from 22,000 Breaches for Incident Preparedness

🔍 The 2026 Verizon DBIR analyzed over 22,000 confirmed breaches across 145 countries and concludes that organizations cannot patch fast enough to prevent every incident. Exploitation of vulnerabilities became the leading initial access vector as critical flaws and their remediation windows grew, while ransomware and third-party breaches surged. The report urges realistic, technical tabletop exercises that rehearse containment, communication, and coordination under time pressure.
read more →

AWS launches Continuum for automated vulnerability lifecycle

🔒 Today, AWS announces AWS Continuum, which discovers, prioritizes, validates, and remediates security risks at machine speed within guardrails you define. It ingests findings from existing tools and its own scans, builds an environment-aware context graph to prioritize issues, validates exploitability with reproducible proofs in isolated sandboxes, and applies fast, reversible mitigations followed by durable fixes. Continuum integrates with services like Amazon GuardDuty and AWS Security Hub, and previews include Continuum penetration testing, code scanning, and automated threat modeling in STRIDE format.
read more →

CISA Adds One Vulnerability to KEV Catalog

🔔 CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog after confirming evidence of active exploitation. This vulnerability type remains a common attack vector and presents significant risk to the federal enterprise. BOD 26-04 reinforces rapid remediation of KEV-listed CVEs for federal agencies and updates prior guidance. CISA encourages all organizations to adopt risk-based vulnerability management and may add further vulnerabilities that meet KEV criteria.
read more →

NCSC Warning: Prepare for an Unprecedented Patch Wave

🔔 The NCSC warns organisations to brace for a large-scale “patch wave” as AI accelerates exploitation of technical debt. Check Point outlines how Exposure Management helps public sector and CNI teams identify internet-facing assets, prioritise exploitable vulnerabilities, and remediate safely. The guidance emphasises discovery, exploitability-based prioritisation, and compensating controls to reduce MTTR.
read more →

Four Lessons That Shaped AI Threat Defense

🛡️ In his first Cloud CISO Perspectives, Chris Betz outlines four lessons guiding Google Cloud’s AI Threat Defense: Prepare, Scan and Prioritize, Remediate, and Monitor. He highlights how AI accelerates vulnerability discovery and defense, the importance of operational frameworks and harnesses, and the need for centralized tracking, risk-based patching, and continuous AI-driven monitoring. The guidance emphasizes reducing attack surface, close engineering collaboration, and building resilient systems.
read more →