How Attackers Really Move – And 5 Steps to Make Their Job Much Harder
When non-cyber people imagine a cyberattack, they often picture a dramatic breach through a flashy zero-day exploit or high-profile vulnerability. The truth is, as…
Beyond the Checklist: Why Attackers Love Your Misconfigurations- And How to Stop Them
Some of the worst breaches in recent years didn’t come from sophisticated malware or cutting-edge exploits. They came from something much simpler – somebody,…
Exposure Management in Retail: The Security Approach That Never Goes Out of Style
Retail changes fast – perhaps faster than any other customer-facing vertical. Online stores, mobile apps, and cloud-based operations are constantly evolving and improving. But…
Bridging Theory and Practice: How Continuous Security Controls Optimization Complements Proactive Defense and Posture Management
A report was recently published by Gartner®: Reduce Threat Exposures with Security Controls Optimization. This new report discusses how, in their viewpoint, the growing…
Forrester’s Unified Vulnerability Management (UVM) – What it Means and Why it Matters
Forrester recently published their new market guide for Unified Vulnerability Management (UVM), and we are excited that XM Cyber has been recognized in this…
From Blocker to Enabler: Translating Cyber Risk into Business Value
When it comes to justifying security investments to the CFO, technical arguments aren’t enough. Any CFO worth their paycheck will prioritize financial impact, operational…
Ten Things You Need to Do Yesterday to Stay Compliant with NIS2
When it comes to the EU’s NIS2 Directive, meeting the basic requirements (according to the legislation in your company’s location) is only the first…
Seeing What Attackers See: How Attack Graphs Help You Stay Ahead of Cyber Threats
Cybersecurity can seem like a game of cat and mouse. Defenders try to anticipate attackers’ moves; attackers try to sneak through gaps in security…
CVE-2025-24813: Critical Apache Tomcat Vulnerability Already Being Exploited – Patch Now!
Overview Apache Tomcat, the free and open-source implementation of the Java Servlet, recently disclosed a critical vulnerability which is being tracked as CVE-2025-24813. This…
Four Real-Life Financial Service Attacks Paths
Back in the wild west, there was this guy, Willie Sutton. Willie’s chosen profession wasn’t the town dentist-barber or saloon owner. Nope, he was…
Exposure Management in Finance: A Proactive Approach to Cyber Resilience
The financial sector is perhaps the most cyber-targeted industry on the planet. It’s no secret why: financial institutions manage the world’s most valuable assets…
The Artificial Intelligence Threat: Are You Losing Sleep Yet?
The rise of Artificial Intelligence (AI) has brought about incredible advancements, but it also casts a long shadow over the cybersecurity landscape. Threat actors…
Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.