Resources

All Categories

How Identity Becomes the Attack Path: 11 Real-Life Stories
See real-life attack path scenarios that exploited identity-related exposures Identities touch every layer of a hybrid environment – Active Directory,…
eBooks & Whitepapers

Mobilize Exposure Data Across SecOps Using CTEM
Is Your SOC Stuck in a Reactive Loop? “Without exposure context, response decisions default to urgency rather than impact. Delays…
eBooks & Whitepapers

The Mythos Inflection Point: Surviving the Perfect Storm of AI-powered Exploits and NVD Decay
Join XM Cyber’s CISO and experts as they unpack how Anthropic’s “Mythos” found 30-year-old zero-days and why the old ways…
Webinars

The Identity Attack Surface: A Practical Security Checklist
Audit configuration drift, manage non-human identities, and close hidden lateral movement paths.
Checklists

7 Mistakes to Avoid With Identity and Access Security
Identity and access security is a complex landscape that is a vital part of every organization’s security program. Here are…
Checklists

The Identity Conundrum: Enforcing Least Privilege Access At Scale
Overview In the modern cybersecurity landscape identity isn’t a perimeter, it’s a highway. As organizations scale, that highway gets longer,…
Blog

Your CVE Count Is a Meaningless Metric
Overview I’ve sat in a lot of vulnerability reviews where the team felt good about the numbers. Closed tickets for…
Blog

NGINX Rift Chain (CVE-2026-42945): Remote Code Execution (RCE) Discovered Leveraging 18-Year-Old Vulnerabilities
Overview On May 13, 2026, researchers disclosed “NGINX Rift,” a critical vulnerability chain discovered by DepthFirst AI. The chain consists…
Blog

Contextualizing SOC Alerts with Exposure Intelligence
Overview Security Operations Centers (SOCs) are on the front lines of a lopsided battle. They are navigating an overwhelming volume…
Blog

From Hunting Context to Hunting Threats: Using Exposure Intelligence to Accelerate SOC Investigations
Overview In many organizations, SOC teams spend more time digging for context than actually hunting for or responding to threats.…
Blog

Linux Kernel “Dirty Frag” Local Privilege Escalation (LPE), CVE-2026-43284 & CVE-2026-43500
Overview On May 8, 2026, cybersecurity researchers disclosed a critical vulnerability chain in the Linux kernel, nicknamed “Dirty Frag.” Tracked…
Blog

Linux Kernel “Copy Fail” Local Privilege Escalation (LPE), CVE-2026-31431, Under Active Exploitation
Overview On April 29, 2026, cybersecurity researchers disclosed a high-severity logic vulnerability in the Linux kernel, tracked as CVE-2026-31431 and…
Blog
1 2 3 49

See XM Cyber In Action

See what attackers see, so you can stop them from doing what attackers do.