Blog

Patch Tuesday Analysis
Blog

March 2026 Patch Tuesday Analysis

By Tyler Reguly on Tue, 03/10/2026
Today’s Patch Tuesday Alert addresses Microsoft’s March 2026 Security Updates. The FIRE team is actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.
Vulnerability Management
Patch Tuesday Analysis
Blog

February 2026 Patch Tuesday Analysis

By Tyler Reguly on Tue, 02/10/2026
Today’s Patch Tuesday Alert addresses Microsoft’s February 2026 Security Updates. The FIRE team is actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.
Vulnerability Management
Patch Tuesday Analysis
Blog

January 2026 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/13/2026
Today’s Patch Tuesday Alert addresses Microsoft’s January 2026 Security Updates. The FIRE team is actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.
Threat Research & Intelligence
Vulnerability Management
Patch Tuesday Analysis
Vulnerability Research

December 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 12/09/2025
Today’s Patch Tuesday Alert addresses Microsoft’s December 2025 Security Updates. The FIRE team is actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.
Threat Research & Intelligence
Patch Tuesday Analysis
Blog

November 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 11/11/2025
Today’s Patch Tuesday Alert addresses Microsoft’s November 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.
Threat Research & Intelligence
Vulnerability Management
Patch Tuesday Analysis
Blog

October 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 10/14/2025
Today’s Patch Tuesday Alert addresses Microsoft’s October 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.
Threat Research & Intelligence
Vulnerability Management
Blog

How to Automate Vulnerability Management: Benefits, Best Practices, and FAQs

Mon, 09/08/2025
What Is Vulnerability Management Automation? At its core, vulnerability management (VM) is the continuous process of scanning an organization’s digital environment for exploitable weaknesses that could serve as entry points for cyberattacks, reporting and evaluating the findings, and remediating systems to remove detected weaknesses. For vulnerability...
Vulnerability Management
Waiting to Patch
Blog

Waiting to Patch? Attackers Won’t Wait to Exploit.

By Cybersecurity Experts at Fortra on Wed, 08/20/2025
In the time it takes for some companies to determine which vulnerabilities to patch, attackers will have already launched their malicious strike.In cybersecurity, we see this all the time. A major company was breached through a vulnerability that had a patch available for over 6 months. The patch wasn’t applied due to internal process delays, competing priorities, and fear of system downtime....
Vulnerability Management
back_to_basics_why_checkbox_compliance_isnt_enough
Blog

Back to Basics: Why Checkbox Compliance Isn’t Enough

By David Henderson on Tue, 08/19/2025
Compliance doesn’t protect you. It simply outlines the defenses that should have been in place. And when you’re not compliant, the gap often only comes to light after something’s gone wrong. In today’s evolving threat landscape, passing an audit isn’t enough. Security leaders need continuous visibility, actionable insights, and real-world accountability, long before an auditor ever shows up. It’s...
Compliance
Patch Tuesday Analysis
Vulnerability Research

August 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/12/2025
Today’s Patch Tuesday Alert addresses Microsoft’s August 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1169 as soon as coverage is completed.
Threat Research & Intelligence
Vulnerability Management
file_integrity_monitoring_in_2025_more_than_just_a_tripwire
Blog

File Integrity Monitoring in 2025: More Than Just a Tripwire

By Chris Hudson on Thu, 07/31/2025
It’s been over a decade that I’ve worked primarily in the world of File Integrity Monitoring and Secure Configuration Management, helping to ensure that hundreds of different companies are able to detect unauthorized or unexpected changes to their configurations.Security has changed a lot over that period, and yet there’s been some surprisingly consistent experiences in the field that I will often...
File Integrity Monitoring (FIM)
Security Configuration Management (SCM)
how_do_you_determine_what_vulnerabilities_to_fix_first
Blog

How Do You Determine What Vulnerabilities to Fix First?

By David Henderson on Tue, 07/29/2025
Security teams don’t suffer from a lack of data. They suffer from a lack of clarity. Every scan, every alert, every dashboard shouts for attention. The result? A wall of red. Thousands of vulnerabilities. Hundreds marked critical. Dozens hitting the same system. Teams are left staring at the mess, asking the only question that matters: Which one do we fix first? That question doesn’t get enough...
Vulnerability Management
Patch Tuesday Analysis
Blog

July 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/08/2025
Today’s Patch Tuesday Alert addresses Microsoft’s July 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1164 as soon as coverage is completed.
Threat Research & Intelligence
Vulnerability Management
compliance-breakdowns-making-sure-they-only-happen-once
Blog

Compliance Breakdowns: Making Sure They Only Happen Once

By Chris Reffkin on Tue, 07/01/2025
Cross-functional alignment is one of the most effective tools a CIO has for maintaining compliance in a fragmented regulatory environment. However, while many understand that disparate teams working together is “what it’s all about,” many CIOs may not yet realize that it’s their responsibility to take point for the process.Or, that a successful compliance outlook doesn’t mean perfection – it means...
Compliance
Patch Tuesday Analysis
Blog

June 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/10/2025
Today’s Patch Tuesday Alert addresses Microsoft’s June 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1160 as soon as coverage is completed.
Threat Research & Intelligence
Vulnerability Management
Fortra Patch Priority Index
Blog

Fortra Patch Priority Index for May 2025

By Lane Thames on Wed, 06/04/2025
Fortra's May 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve 6 issues including spoofing, out of bounds memory access, insufficient data validation, inappropriate implementation, use after free, and heap buffer overflow vulnerabilities.Next on the...
Vulnerability Management
Prescription For Disaster: Sensitive Patient Data Leaked in Ascension Hack
Blog

Prescription For Disaster: Sensitive Patient Data Leaked in Ascension Breach

By Graham Cluley on Fri, 05/16/2025
Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. To the undoubted distress of Ascension's client base, the details of hundreds of thousands have fallen into the hands of hackers, opening up opportunities for fraud and identity theft. Breached...
Compliance
Data Loss Prevention
Vulnerability Management
Tripwire VERT Patch Priority Index
Blog

Tripwire Patch Priority Index for February 2025

By Lane Thames on Wed, 03/05/2025
Tripwire's February 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.Up first on the list are patches for Microsoft Edge (Chromium-based) that resolve 4 remote code execution and 2 spoofing vulnerabilities.Next on the list are patches for Microsoft Office and Excel. These patches resolve 8 issues such as remote code execution and information disclosure...
Blog

Patch Tuesday Update - January 2025

By Mieng Lim on Tue, 01/14/2025
FVM will include the Microsoft Patch Tuesday checks in the NIRV 4.57.0 and FVM Agent 2.18.• Microsoft addressed 158 vulnerabilities this release, including 10 rated as Critical.Microsoft has publicly disclosed the below vulnerabilities:CVE-2025-21366 - Microsoft Access Remote Code Execution VulnerabiliyCVE-2025-21395 - Microsoft Access Remote Code Execution VulnerabilityCVE-2025-21186 -...
Vulnerability Management