#Infosec2025: Seven Steps to Building a Mature Vulnerability Management Program
At Infosecurity Europe 2025, Axonius’ Jon Ridyard proposed seven best practices to build mature vulnerability management processes
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
At Infosecurity Europe 2025, Axonius’ Jon Ridyard proposed seven best practices to build mature vulnerability management processes
Government Says Managed Service Providers Need More RegulationThe British government pledged to introduce stricter rules surrounding incident reporting and supply chain vulnerability patching through legislation it previewed in July 2024. The proposed Cyber Security and Resilience Bill will bring under its scope managed service providers.
Code of Practice for Software Vendors Sets Baseline Security ExpectationsA British government proposal to strengthen software supply chain security received positive feedback from vendors who said voluntary best practices could strengthen cyber defenses. The guidelines suggest requiring multifactor authentication for developers and timely vulnerability patching.
You pipsqueaks want memory safety? We'll show you memory safety! We'll borrow that borrow checker After two years of being beaten with the memory-safety stick, the C++ community has published a proposal to help developers write less vulnerable code.…
The US FAA has proposed new rules for aircraft to address cyber vulnerabilities caused by the increased interconnectivity of critical systems
FCC to Vote on Proposed Security Regulations for Leading Broadband ProvidersThe Federal Communications Commission will vote in June on a series of proposed rules that aim to strengthen security measures for nine of the leading U.S. broadband providers, with a focus on mitigating major Border Gateway Protocol vulnerabilities.
Security engineer outlines self-help strategy for keeping software supply chain safe Following the recent disclosure of a technique for hijacking certain NPM packages, security engineer Danish Tariq has proposed a defensive strategy for those looking to assess whether their web apps include dependencies tied to subvertable email domains.…