My Tech Decisions Static SBOMs vs Dynamic SBOMs To meet the demands of the modern cybersecurity scene, it's necessary to have an SBOM which can adapt with the threats it encounters. June 7, 2022 Liran Tancman
The Register That critical vulnerability might not be the first you should patch "In a study released this week, Rezilion found that about 85 percent of the vulnerabilities are not loaded into memory at these organizations, Perkal told The Register." June 7, 2022 Jeff Burt
Help Net Security Rezilion provides real-time visibility to all software components with Dynamic SBOM "The need for a Software Bill of Materials (SBOM) is now imperative to any organization that wants to build and manage secure software." June 7, 2022 Help Net Security Staff
CSO Online Rezilion launches Dynamic SBOM for software supply chain devsecops "Rezilion claims to differentiate its SBOM with a host of features including bug identification and resolution, vulnerability scanning, devopment to production cycle implementation and result-report solutions." June 7, 2022 Shweta Sharma
Cyber News Group Millions Of Java Apps Are Still Vulnerable To Log4Shell “We learned that the landscape is far from ideal & many applications vulnerable to Log4Shell still exist in the wild," Perkal wrote in the report. June 7, 2022 Alan Rubins
SC Media Log4Shell attack surface remains large "Rezilion researchers discovered that the attack surface for the critical Log4Shell zero-day flaw in the Apache Log4j library continues to be significant four months since its discovery, according to BleepingComputer." June 7, 2022 SC Media Staff
ZDNet Log4j flaw: Thousands of applications are still vulnerable, warn security researchers Log4j remains a consistent vulnerability which still has the potential to be exploited by attackers. June 7, 2022 Danny Palmer
The Record Log4Shell, ProxyLogon and Atlassian bug top CISA’s list of routinely exploited vulnerabilities in 2021 "About 90,000 machines and 68,000 public-facing internet servers are still vulnerable to Log4Shell, according to Perkal, who added that the time to patch the vulnerable containers exceeded 100 days and on average took 80 days." June 7, 2022 Jonathan Greig
Dark Reading Log4j Attack Surface Remains Massive "There are probably a lot of servers running these applications on internal networks and hence not visible publicly through Shodan," Perkal says. June 7, 2022 Jai Vijayan