Blog

XM Cyber Advisory – OpenSSL Critical Vulnerability
Zur Ulianitzky and David Azria | October 31, 2022

Overview According to the OpenSSL team, on November 1st, 2022, a new version, number 3.0.7 will be released (https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html). It’s interesting to note that…

Continuous Controls Monitoring: Automatically Identifying Gaps in Security Controls
Michael Greenberg | October 25, 2022

Today, we are going to talk about something that might not score too high on anyone’s “Oh wow, I’ve been wondering about that” list….

Why Attack Surface Management is Essential for Cybersecurity
Michael Greenberg | October 11, 2022

If you want to defend yourself, you need to know everywhere that you’re vulnerable. Then, you need to start eliminating those weaknesses. That’s the…

What Is the Difference Between Vulnerability Assessment and Vulnerability Management?
Dan Anconina | August 23, 2022

If you have an extremely valuable asset, you need a smart strategy to protect it. Unfortunately, many organizations are operating without one. That lack…

What Are the Different Types of Vulnerability Assessment?
Dan Anconina | August 10, 2022

How do we best protect what’s most valuable to us? That’s a question that we all wrestle with. For today’s enterprises, few things are…

4 Top Methods Attackers Use to Move Across Your Hybrid Networks and Compromise Business-critical Assets
Michael Greenberg | July 13, 2022

Cybersecurity is a cat-and-mouse game, and it’s important for defenders to be able to anticipate the likely methods attackers will use to compromise their…

What Is Proactive Cyber Defense?
Michael Greenberg | July 10, 2022

Cybercrime is obstructing business and governments worldwide. No longer just an IT problem, it is the biggest threat to organizations’ reputation and business continuity….

CISOs and Their Boards are Failing to Communicate — with Disastrous Results for Enterprise Security
Michael Greenberg | July 06, 2022

Why changing your reporting approach is the key to connecting with your board and protecting your most critical assets. Today’s CISOs understand that cyber-risk…

How to Combat Advanced Persistent Threats
Sharron Malaver | June 21, 2022

Imagine the following Security Operations (SecOps) scenario. A large organization conducts regular audits of its security controls. It monitors a collection of intrusion detection…

Chaining together Active Directory attack techniques to give your organization the edge against attackers
Michael Greenberg | May 30, 2022

Debuting at RSA 2022 we will show the industry how we can link the use of Active Directory (AD) into the entire attack path,…

Decrypting VMware Workstation Passwords for Fun
David Azria & Zur Ulianitzky | May 23, 2022

Overview At XM Cyber, we have been hard at work on the techniques that attackers use against your VMware environments. What you’re about to…

Our security is only as strong as our ability to manage it: The necessity of Attack Path Management for the Hybrid Cloud
Michael Greenberg | May 12, 2022

Now it’s no secret businesses have ramped up and driven the adoption of the cloud faster than any period previously. One of the key…

1 6 7 8 9 10 26

Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.