In this episode of the Resilient Cyber podcast, Patrick Garrity joins the Resilient Cyber team to discuss all things Vulnerability Management and Content Marketing.

Patrick Garrity provides a visualization of the top 42 vulnerabilities in the CISA 2022 Top Routinely Exploited Vulnerabilities report across various vendors and their associated products.

Ryan Cribelar, R&D Engineer a Nucleus Security, spoke to Risky Biz News about the 138 fake CVEs that were obtained on August 22nd and filed for open-source projects.

Nucleus was chosen by a select group of successful VCs as one of the most promising computer security startups so far this year. Check out this article from Business Insider for the full write-up.

Patrick Garrity’s research comparing CVSS 3.1 and 4.0 is highlighted in this breakdown of key changes and challenges security professionals should be aware of in CVSS 4.0.

This week, Nucleus Security was featured in Risky.Biz new for the breakdown and interactive chart of the CISA KEV database, broken down per vulnerability category. Check it out!

Patrick Garrity speaks to SC Media about eight new vulnerabilities added to CISA’s known exploited vulnerabilities (KEV) catalog, including six now-patched security flaws that impacted Samsung mobile devices and two others that are D-Link router and access point vulnerabilities.

Nucleus Security’s own Patrick Garrity recently published a post on Help Net Security talking about the significance of CIS Control mapping in the 2023 Verizon DBIR.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Patrick Garrity, VP of Marketing and security researcher at Nucleus Security, on how the company has been tapping into CISA’s KEV database for insights on vulnerability management and vulnerability prioritization.

During the FIC (International Cybersecurity Forum) conference, Adam Dudley shared how Nucleus Security and Orange Cyberdefense build a foundational asset and vulnerability inventory so you can operationalize vulnerability management at scale.

In this episode of the Risky.Biz Podcast, Chris Hughes, Co-Founder and CISO of Aquia, discusses his experience using Nucleus for Vulnerability Prioritization and why CVSS is not enough to successfully manage your vulnerability management program.

Nucleus’s Ryan Cribelar speaks to SC Media about CVE-2022-36537, which has a CVSS score of 7.5 and was added to the CISA KEV catalog after FOX IT reported that there were hundreds of open-facing ConnectWise R1Soft Server Backup Manager servers exploited in the wild.

Nucleus Security speaks about CVE-2023-23529, a WebKit Remote Code Execution flaw, rolled out in February’s Patch Tuesday.

Ryan Cribelar, vulnerability research engineer at Nucleus, talks with SC Media about two February additions to the CISA KEV catalog that could let attackers escalate privileges to the SYSTEM level.

In this episode of the Risky.Biz Podcast, Nucleus Security’s Scott Kuffer discusses Stakeholder-Specific Vulnerability Categorization (SSVC) and why tools alone can’t fix a dysfunctional vulnerability management program.

Nucleus CEO, Stephen Carter, joins Mike Vizard with Techstrong.tv to talk about the impact that ChatGPT and AI technology might have on the cybersecurity industry, specifically within the world of vulnerability management.

Nucleus CEO, Stephen Carter, discusses the challenges and Complexity of the modern vulnerability management landscape with hosts Chris Hughes and Nikki Robinson.

Nucleus CISO, Jeff Gouge, discusses the value of consolidating vulnerability management. Jeff expands into the use of vulnerability exploitation data for prioritization and the value of taking a more modern approach to vulnerability management using SSVC (Stakeholder-Specific Vulnerability Categorization).

In this post, we chatted with our partners at Orange Cyberdefense about how a risk-based approach to vulnerability management can help businesses where they should focus to repair and fix vulnerabilities.

In this podcast interview, Scott Kuffer, COO and Co-Founder at Nucleus, has a conversation with about approaching vulnerability management at scale with Daniel Miessler of the Unsupervised Learning podcast.

Dave Farquhar, Solutions Architect at Nucleus, shares three ways to predict items that are likely candidates to make it onto the CISA KEV list.

Nucleus Security launches the CISA KEV Enrichment Dashboard, a free tool that enables vulnerability researchers to observe known and exploitable vulnerabili40 ties identified by CISA and layer additional enrichment intelligence onto their vulnerability prioritization.

Nucleus Security’s Ryan Cribelar cast doubts on the severity of the vulnerabilities CVE-2022-3786 and CVE-2022-3602, which were listed as “high” by OpenSSL in late October 2022.

Gil Azaria, Director of  APAC Operations at Nucleus Security, shares insights into the challenges that financial services face when securing their CI/CD pipelines, including competing priorities.

Nucleus Security launches the CISA KEV Enrichment Dashboard, a free tool that enables vulnerability researchers to quickly observe known and exploitable vulnerabilities identified by CISA and layer additional enrichment intelligence onto their vulnerability prioritization.

Scott Kuffer and NucleusGov win two awards at the CyberScoop 50 awards – an award that spotlights initiatives, new technologies, or novel approaches that promise to improve how governments, industries or the public at large approach cybersecurity.

In this episode of Risky.Biz, our CEO and Co-Founder Steve Carter chats about CISA’s KEV list, including his mostly positive feelings, but also hisreasonable gripes.

Our Co-Founder and CEO, Stephen Carter, sat down with Kerry Matre, host of The Mandiant Defender’s Advantage Podcast, to discuss how vuln management has evolved over time and how CISA’s Known Exploited Vulnerabilities list helps U.S. civilian agencies and organizations globally.

Nucleus is included as one of the top 60 cybersecurity startups to watch in 2022 based on innovation in new and emerging technologies, length of operation, early funding rounds, scalability, and more.

Ryan Cribelar, vulnerability research engineer at Nucleus Security, speaks to The Record by Recorded Future about several new vulnerabilities added to the CISA KEV list, including a zero-day vulnerability affecting all iPhone 8 and later models as well as several iPad models.

Dave Farquhar, Solutions Architect at Nucleus, shares the three attributes of quality vulnerability intelligence, along with the key differentiating factors to consider when looking at vulnerability intelligence tools.

David Farquhar, solutions architect at Nucleus Security, spoke to SC Media about the Fortinet products impacted by the CISA KEV CVE-2022-40684 exploit.

In this feature, Ryan Cribelar, vulnerability research engineer at Nucleus, explains how the Zoho ManageEngine vulnerability discovered earlier in September was elevated and uploaded to the U.S. Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities (KEV) catalog.

The 2022 Cost of Insider Threat Global Report from Ponemon Institute states a clear problem: “Insider threats have increased in both frequency and cost over the past two years.” In this article for CPO Magazine, Nucleus’s Ryan Cribelar speaks about the culture impact that potentially comes from sharing insider threats.

Ryan Cribelar, vulnerability research engineer at Nucleus Security, spoke to The Record about CVE-2022-3075, a wide-reaching vulnerability added to the CISA KEV list in September 2022.

Scott Kuffer, Co-Founder and COO of Nucleus Security, joins Chuck Harold at SecurityGuyTV.com live from Black Hat USA 2022 to talk about how scanning is only step one in the vulnerability management process.

Nucleus Security, a leader in risk-based vulnerability management and process automation, is pleased to be included as a Sample Vendor in two recent Gartner Hype Cycles: Hype Cycle for Security Operations, 2022 and Hype Cycle for Application Security, 2022.

In this episode of The Last Watchdog podcast, listen to Scott Kuffer and Byron Acohido discuss the importance for organizations to take a risk-based assessment lens to vulnerability management.