Tyler Reguly, Associate Director of Security R&D at Fortra, explains in Dark Reading that although Microsoft’s June Patch Tuesday reached a record 206 CVEs, organizations should not focus solely on volume. He emphasizes that only a small percentage of vulnerabilities are typically exploited and that historical averages remain relatively consistent. The article highlights how AI is accelerating...

Josh Taylor, Lead Security Analyst at Fortra, discusses in Unite.AI how agentic AI is rapidly expanding Non-Human Identities (NHI), creating complex attack surfaces for organizations. The article highlights the importance of adapting security strategies to address these evolving risks.

Josh Taylor explores how autonomous AI is reshaping cyber operations and why traditional assumptions about speed, stealth, and defense no longer hold.

Tyler Reguly, Associate Director of Security R&D at Fortra, was featured in a recent Dark Reading article examining Microsoft’s April 2026 Patch Tuesday update.

A recent Forbes article, later picked up by Yahoo Tech, covered Microsoft’s disclosure of CVE-2026-21262, an SQL Server privilege escalation vulnerability that was publicly revealed before a patch was released.

Ricardo Narvaja’s vulnerability research is featured in Cyber Security News, examining CVE-2026-2636, a denial-of-service flaw in Windows’ Common Log File System driver. The vulnerability allows a low-privileged user to trigger an unrecoverable Blue Screen of Death through a simple proof of concept requiring only two API calls. 

Software and cloud vulnerabilities continue to grow in volume and complexity. In IT Security Wire, Tyler Reguly outlines how organizations can move beyond patching everything and instead focus on prioritization, stakeholder alignment, and asset visibility to reduce fatigue and improve outcomes.

CSO reported on Microsoft’s February 2026 Patch Tuesday release, which addressed 60 vulnerabilities, including six that are new and actively exploited.

Tyler Reguly, Associate Director of Security R&D at Fortra, was quoted in a CSO article examining Microsoft’s January 2026 Patch Tuesday, which includes an actively exploited zero-day and several critical vulnerabilities affecting Windows, Office, and SharePoint.

In Security Boulevard, Tyler Reguly explains why the goal of patching every vulnerability is not just unrealistic but counterproductive. Drawing on more than two decades in vulnerability management, he argues that security teams need to stop chasing raw CVE counts and instead focus on risk, context, and asset intelligence to decide what truly matters.Originally published in ​Security Boulevard....

Tyler Reguly, Senior Manager of Security R&D at Fortra, was featured in a CSO article examining how security teams can adapt to the surge in vulnerabilities. He explains why public data remains a valuable tool for guiding risk-based strategies.Originally published in ​CSO.​Excerpt: ​“The reality is that public sources of intelligence are critical to managing your vulnerabilities,” Reguly argues. ...

Tyler Reguly was quoted in a CSO article on Microsoft’s August Patch Tuesday updates.

Rohit Dhamankar, Fortra’s vice president of product strategy, sits down with CyberRisk TV at Black Hat 2025 to examine how offensive security is shifting from periodic pen tests to continuous, AI-assisted approaches that provide measurable proof of defensive effectiveness.

Fortra’s Tyler Reguly offered insights on steps companies can take to reduce risk and pointed out a gap in Microsoft’s guidance that could lead to confusion.

Microsoft’s June Patch Tuesday brings attention to several critical threats, including four unpatched vulnerabilities in Microsoft Office. In a new CSO article, Fortra’s Tyler Reguly weighs in on what these issues mean for security teams and how to prioritize the most urgent threats.

Tyler Reguly, Associate Director of Security R&D at Fortra, was quoted in a new Computerworld article on Microsoft’s out-of-band updates for a serious Windows 11 startup issue.

William Snowden was recently featured on Vizo Financial’s Financial Minds: Meet the Experts podcast to talk about the importance of vulnerability scanning and penetration testing for credit unions.

Dark Reading reports that with PCI DSS 4.0.1 now in effect, merchants can no longer assume third-party service providers carry the full burden of compliance.

Fortra’s Tyler Reguly explores the essential security measures that should be at the foundation of every cybersecurity strategy in 2025.

Healthcare organizations are under mounting cyber threats, but regulatory frameworks like Abu Dhabi’s Healthcare Information and Cyber Security (ADHICS) Strategy are paving the way for stronger protections.