Blog

From Risk to Decisions: Why SSVC Is the Missing Piece

Article

Expert View

|

8 min

Thomas Charara

You've got better severity scores. You've got risk context. Now you need to actually decide what to do. This is the final piece of the puzzle. In our first article, we covered how CVSS v4 improved severity measurement. In the second, we...

CVSS Is Necessary, But Not Sufficient. Here's Why.

Article

Expert View

|

8 min

Thomas Charara

You've got a “Critical” CVSS score. Now what? In the article about CVSSv4 adoption, we saw that CVSS gives you a number. That number tells you the vulnerability is severe. It doesn't tell you whether attackers are actively exploiting it...

Navigating the Cisco Vulnerability Management End of Life: A Strategic Inflection Point for Security Programs

Article

Expert View

|

10 min

Pierre Samson

On December 9, 2025, Cisco issued an official end-of-life announcement that changes the landscape for many security teams: Cisco Vulnerability Management, Vulnerability Intelligence, and Application Security Module...

CVSS v4, Two Years On: What The Data Really Say

Expert View

Article

|

5 min

Thomas Charara

When CVSS v4 launched in November 2023, the security community had questions. Would organizations actually adopt it? Would the refined scoring methodology deliver on its promises? And most importantly, would it help security teams make...

Security teams are struggling to stay afloat in the vulnerability flood

Article

Hackuity in the News

|

3 min

Sylvain Cortes

Security teams are scrambling to keep up with the ever-greater volume and sophistication of threats, with the active and continual exploitation of CVEs (Common Vulnerabilities and Exposures) having become the source of major headaches.

NIS Investments Study

Hackuity in the News

|

2 min

Security Magazine

The ‘talent crunch’ in cyber shows no signs of easing, according to a study by the European Union’s cyber agency, ENISA. It found that difficulties in attracting (cited by 76pc) and retaining (71pc) cybersecurity...

React2Shell (CVE‑2025‑55182): critical vulnerability in React Server Components

Expert View

|

5 min

Wilfrid Blanc

A critical flaw in React Server Components (RSC) turned into a live-fire event within hours...

From noise to action – how context transforms vulnerability management?

Article

Hackuity in the News

|

5 min

Sylvain Cortes

I see many organizations fall into the “patch everything now” trap, treating any delay as a ticking time bomb. Ironically, this constant sense of urgency can make for a less efficient patch management process. Chasing every CVE as...

Safeguarding Your Vulnerability Management Programme in Uncertain Times

Article

Hackuity in the News

|

5 min

Sylvain Cortes

Without enriched data, teams are left sifting through raw CVE entries without actionable detail required for effective prioritisation.

A day in the life of a VOC: taking a proactive approach to vulnerability management

Article

Hackuity in the News

|

3 min

Pierre Samson

Pierre Samson, CRO at Hackuity, explores the role of a Vulnerability Operations Centre (VOC) in protecting organisations from cyber threats.

Why defenders must act faster than ever to outpace vulnerability exploitation

Article

Hackuity in the News

|

5 min

Sylvain Cortes

Traditional vulnerability management has been designed for a world of steady streams - patch cycles, database updates, and predictable timelines. Processes are built to handle a steady stream of new CVEs to patch. But every day now...

Building A Rapid-Response Vulnerability Operation

Article

Hackuity in the News

|

4 min

Sylvain Cortes

The window of time for dealing with security vulnerabilities is shrinking. Research has found that, of 432 distinct CVEs exploited in the wild during the first half of 2025, nearly a third (32%) were abused on or before the day...

More code, more flaws: scaling vulnerability management for the AI era

Article

Hackuity in the News

|

4 min

Sylvain Cortes

Software is being built at record speed, but security is falling behind. In fact, recent research found that 81% of organisations knowingly shipped vulnerable code last year to meet the pressure for shorter production lifecycles.

Nearly Half of Security Teams Struggling to Cope with Growing Volume of Vulnerabilities

Article

Case Study

|

10 min

Code Red

Hackuity, the risk-based vulnerability management provider, today released new research revealing the mounting pressure on security teams as they struggle to keep pace with the rising number of CVEs (Common Vulnerabilities and Exposures).

How the Vulnerability Operations Centre serves as an essential mission control for vulnerabilities

Article

Hackuity in the News

|

5min

Pierre Samson

The vulnerability management ‘to do’ list can feel like a perpetual loop. No sooner have the latest batch of security updates been handled than it’s time to start over again.

Hackuity’s new RBVM Platform 2.0 brings enhanced risk prioritisation

Product

Article

|

10 min

Code Red

‍Hackuity, the risk-based vulnerability management provider, today announced the launch of Version 2.0 of its next generation platform, featuring major enhancements to bring further support to organisations in prioritising risks.