KWM - KWM

August 22, 2024

Your SIEM is only as valuable as you have time to ask it questions.

Do you have time to identify and ask the right questions? And most importantly, do you have time to sift through the results to find answers?

Twitter Facebook LinkedIn

The SEC should require disclosure of cybersecurity controls

January 17, 2025

8-K filings for material cybersecurity incidents should require disclosure of all cybersecurity controls (software and services) in place when the event occurred.

Atomic Red Team ATT&CK tool updated to v16.1

January 17, 2025

Just a quick note to point out that the Atomic Red Team test tracking tool has been updated to reflect MITRE ATT&CK v16.1.

Known exploited vulnerabilities by market cap

January 14, 2025

It’s easy to criticize vendors for the number of known exploited vulnerabilities in their software, but raw counts lack context. A company with 100 software products will naturally have more vulnerabilities than one with a smaller portfolio. However, product count alone doesn’t account for a company’s size or resources.

Cybersecurity stat of the day: CISA KEV vulnerabilities 2.8 years old, on average

January 14, 2025

Cybersecurity stat of the day: The average delta (in years) between CVE assignment and addition to the CISA Known Exploited Vulnerability (KEV) catalog is 2.8 years. 🤯

by Keith McCammon

You May Also Enjoy

The SEC should require disclosure of cybersecurity controls

Atomic Red Team ATT&CK tool updated to v16.1

Known exploited vulnerabilities by market cap

Cybersecurity stat of the day: CISA KEV vulnerabilities 2.8 years old, on average