Blog

How Attackers Really Move – And 5 Steps to Make Their Job Much Harder
Gali Rahamim | June 18, 2025

When non-cyber people imagine a cyberattack, they often picture a dramatic breach through a flashy zero-day exploit or high-profile vulnerability. The truth is, as…

Beyond the Checklist: Why Attackers Love Your Misconfigurations- And How to Stop Them
Batya Steinherz | May 29, 2025

Some of the worst breaches in recent years didn’t come from sophisticated malware or cutting-edge exploits. They came from something much simpler – somebody,…

Exposure Management in Retail: The Security Approach That Never Goes Out of Style
Daniel Hoffman | May 22, 2025

Retail changes fast – perhaps faster than any other customer-facing vertical. Online stores, mobile apps, and cloud-based operations are constantly evolving and improving. But…

Bridging Theory and Practice: How Continuous Security Controls Optimization Complements Proactive Defense and Posture Management
Dale Fairbrother | May 15, 2025

A report was recently published by Gartner®: Reduce Threat Exposures with Security Controls Optimization. This new report discusses how, in their viewpoint, the growing…

Forrester’s Unified Vulnerability Management (UVM) – What it Means and Why it Matters
Dale Fairbrother | May 05, 2025

Forrester recently published their new market guide for Unified Vulnerability Management (UVM), and we are excited that XM Cyber has been recognized in this…

From Blocker to Enabler: Translating Cyber Risk into Business Value
Bill Bradley | April 24, 2025

When it comes to justifying security investments to the CFO, technical arguments aren’t enough. Any CFO worth their paycheck will prioritize financial impact, operational…

Ten Things You Need to Do Yesterday to Stay Compliant with NIS2
Alex Welin | March 27, 2025

When it comes to the EU’s NIS2 Directive, meeting the basic requirements (according to the legislation in your company’s location) is only the first…

Seeing What Attackers See: How Attack Graphs Help You Stay Ahead of Cyber Threats
Menachem Shafran | March 20, 2025

Cybersecurity can seem like  a game of cat and mouse.  Defenders try to anticipate attackers’ moves; attackers try to sneak through gaps in security…

CVE-2025-24813: Critical Apache Tomcat Vulnerability Already Being Exploited – Patch Now!
Peled Eldan & Batya Steinherz | March 18, 2025

Overview  Apache Tomcat, the free and open-source implementation of the Java Servlet, recently disclosed a critical vulnerability which is being tracked as CVE-2025-24813. This…

Four Real-Life Financial Service Attacks Paths
Ian Gallagher | March 18, 2025

Back in the wild west, there was this guy, Willie Sutton. Willie’s chosen profession wasn’t the town dentist-barber or saloon owner. Nope, he was…

Exposure Management in Finance: A Proactive Approach to Cyber Resilience
Geremy Charbit and Gil Klein | March 12, 2025

The financial sector is perhaps the most cyber-targeted industry on the planet. It’s no secret why: financial institutions manage the world’s most valuable assets…

The Artificial Intelligence  Threat: Are You Losing Sleep Yet?
Jason Fruge | February 27, 2025

The rise of Artificial Intelligence (AI) has brought about incredible advancements, but it also casts a long shadow over the cybersecurity landscape. Threat actors…

1 2 3 27

Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.