Blog

The Identity Conundrum: Enforcing Least Privilege Access At Scale

Overview In the modern cybersecurity landscape identity isn’t a perimeter, it’s a highway. As organizations scale, that highway gets longer,…

Blog

Your CVE Count Is a Meaningless Metric

Overview I’ve sat in a lot of vulnerability reviews where the team felt good about the numbers. Closed tickets for…

Blog

NGINX Rift Chain (CVE-2026-42945): Remote Code Execution (RCE) Discovered Leveraging 18-Year-Old Vulnerabilities

Overview On May 13, 2026, researchers disclosed “NGINX Rift,” a critical vulnerability chain discovered by DepthFirst AI. The chain consists…

Blog

Contextualizing SOC Alerts with Exposure Intelligence

Overview Security Operations Centers (SOCs) are on the front lines of a lopsided battle. They are navigating an overwhelming volume…

Blog

From Hunting Context to Hunting Threats: Using Exposure Intelligence to Accelerate SOC Investigations

Overview In many organizations, SOC teams spend more time digging for context than actually hunting for or responding to threats.…

Blog

Linux Kernel “Dirty Frag” Local Privilege Escalation (LPE), CVE-2026-43284 & CVE-2026-43500

Overview On May 8, 2026, cybersecurity researchers disclosed a critical vulnerability chain in the Linux kernel, nicknamed “Dirty Frag.” Tracked…

Blog

Linux Kernel “Copy Fail” Local Privilege Escalation (LPE), CVE-2026-31431, Under Active Exploitation

Overview On April 29, 2026, cybersecurity researchers disclosed a high-severity logic vulnerability in the Linux kernel, tracked as CVE-2026-31431 and…

Blog

Preparing for the Mythos Era – From Vulnerability Hunting to Exposure Management

In a recent blog, we explored what Anthropic’s Project Glasswing means for security programs and why the exposures it doesn’t…

Blog

XM Cyber Unveils PostureAI to Democratize AI-Powered SaaS Security for Google Workspace

When it comes to exposure management, most people tend to think about an evolution of legacy vulnerability management at the…

Blog

Stop the SOC Burnout: Fixing the Alert Fatigue Crisis

Alert fatigue is one of the most persistent and costly problems in security operations – and it’s getting worse. According…

Blog

Project Glasswing, Mythos Findings, and Getting Ready for Your Next Board Conversation

Blog

Adopt AI, Not Exposures: Unlocking Continuous Exposure Management to Secure the AI Attack Surface

Blog

See XM Cyber In Action

See what attackers see, so you can stop them from doing what attackers do.

Platform

Company

Partners

Services

Resources

Privacy Policy