Brian Robison

Exploitation timelines are increasingly measured in days rather than weeks. Our latest report from Rapid7 Labs correlates vulnerability publication data, confirmed exploitation trends, frontline MDR incident response telemetry, and dark web, cybercrime, and nation-state intelligence to provide a unified view of how exposure evolves into compromise. One of the biggest standouts: how rapidly AI is being integrated into attacker playbooks, accelerating the operationalization of exposure. Many of the incidents we investigate still originate from known, unaddressed exposure. In those cases, attackers don’t need sophistication - they need opportunity. As remediation windows shrink, reducing that opportunity becomes essential to limiting compromise. You can download the 2026 Global Threat Landscape report here: https://r-7.co/4bQOAtq #infosec #cybersecurity

37

1 Comment

Download Pentera Labs Report - revealing three new critical injection points in the ingress-nginx controller, building on Wiz’s IngressNightmare CVE. These overlooked vulnerabilities could let attackers hijack traffic, spoof headers, or reach unauthorized backend services - They exist in one of the most widely used ingress controllers in Kubernetes, putting countless environments at risk. This research highlights how small misconfigurations can lead to major exposure in modern cloud-native architectures. What’s Inside: ✅ 3 new injection vulnerabilities in ingress-nginx ✅ How attackers find and exploit CVEs in open source ✅ Actionable tips to secure your Kubernetes environment https://lnkd.in/eHtX6EdP

6

1 Comment

CRITICAL VULNERABILITY ALERT CISA has highlighted a critical security vulnerability - CVE-2025-5086, CVSS 9.0 - impacting Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software. According to Dassault, the issue impacts versions from Release 2020 through Release 2025. Information for this vulnerability can be found on SecAlerts: CVE-2025-5086, CVSS 9.0: https://lnkd.in/gBRUAAbw #ciso #cio #cto #vulnerabilities #cybersecurity #secalerts #msp #mssp #dassault #CVE20255086 https://lnkd.in/ga29CFy4

2

It seems like every quarter is a solid quarter for Fortinet...but can they keep it going? They're facing tricky near-term challenges like tariffs while trying to grow at scale, diversify revenue streams, and seed long-term growth. Decent problems to have, no doubt (except for the tariff part). A few highlights from Fortinet's Q1'25 report: → They're not worried about tariffs...yet Analysts on the call asked tariff-related questions every which way — as they should given the size of Fortinet's hardware business and manufacturing outside the United States. Fortinet's leadership team didn't blink. They had an answer for everything. The short version is: no sales cycle impacts yet, no meaningful change (positive or negative) on to the anticipated hardware refresh cycle, no plans to raise prices if tariffs hit, and flexibility to relocate manufacturing if needed. Fortinet is in a tough spot if tariffs happen, but it's not going to ruin the business. They'll have a plan. Probably layers of plans. → Lower than expected contributions from acquisitions They mentioned minimal revenue impact from acquisitions, partly due to higher than expected churn. They were bullish on Next DLP, which they acquired late last year. Linksys is part of the equation, too. Ken Xie called it a long-term play and said it will take time to work their magic on the hardware side. By process of elimination, I'm just going to assume the problem was Lacework (they didn't say) — but I'm just guessing, so don't make any serious investment decisions here. Immaterial contributions and high churn has to be a disappointing result so far, but they knew what they were getting into when buying a distressed asset. → Both SASE and SecOps are doing well, though Tariffs or not, Fortinet needs revenue diversity. Their SASE and SecOps businesses are the centerpieces of the strategy. This quarter was a positive signal, with Unified SASE ARR up 26% and 30% YoY respectively. Combined ARR is now $1.6 billion, which is bigger than most of cybersecurity's public companies. Fortinet's playbook for large, boring enterprises (like financial services and healthcare) just crushes it. Buy hardware firewalls. Add SD-WAN. Upgrade to SASE. Repeat, repeat, repeat. Case in point: they're excited about Sovereign SASE, of all things — the fully self-hosted version that only massive enterprises want. Literally the opposite of Cloudflare's strategy...but it works. --- The macro environment and geopolitical tensions are disproportionately bad for companies like Fortinet, but their leadership team has been through economic cycles before. Their methodical consistency is going to get challenged here, but they'll find a way to get through it.

63

9 Comments

𝗦𝗼𝗳𝘁𝘄𝗮𝗿𝗲 𝘀𝘂𝗽𝗽𝗹𝘆 𝗰𝗵𝗮𝗶𝗻 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗷𝘂𝘀𝘁 𝗴𝗼𝘁 𝗮 𝗺𝗮𝗷𝗼𝗿 𝘂𝗽𝗴𝗿𝗮𝗱𝗲. NetRise launched Provenance TODAY at RSAC — a tool that identifies risk tied to the actual contributors behind open source components in your enterprise software and connected devices. That's not just knowing 𝘸𝘩𝘢𝘵'𝘴 in your SBOM, it's knowing 𝘸𝘩𝘰 built it and how far their risk reaches across your portfolio. If you're at #RSAC2026, booth 5272 in the North Hall is worth the walk. #SoftwareSupplyChain #ProdSec #AppSec #SBOM #SCDR #CSCRM

4