Vulnerability Analysis
In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.
568 articles
Vulnerability Prioritization: Beyond CVSS Scores
CVSS scores alone lead to alert fatigue and misallocated resources. Here's how EPSS, reachability analysis, and exploit intelligence create a smarter prioritization model.
Apache HTTP Server CVE-2021-41773: A Path Traversal Bug That Should Have Been Caught in Code Review
CVE-2021-41773 allowed path traversal and RCE on Apache HTTP Server 2.4.49. The fix was incomplete, leading to CVE-2021-42013 days later. A lesson in patching under pressure.
ProxyShell: The Microsoft Exchange Exploit Chain That Wouldn't Stop
ProxyShell chained three Exchange vulnerabilities for unauthenticated remote code execution. Months after patches were available, thousands of servers remained exposed.
PrintNightmare CVE-2021-34527: The Windows Print Spooler Bug That Haunted Every Enterprise
PrintNightmare gave attackers SYSTEM-level access through the Windows Print Spooler service running on nearly every Windows machine. The patch rollout was a mess.