Explore Resources

Featured

Negative Seven Days: When CVEs Become a Trailing Indicator

The mean time from CVE disclosure to exploitation hit negative seven days in 2025. CVEs are no longer leading indicators of risk, and runtime behavior is the signal that replaces them.

Read article
Articles
Guides
Podcast
Videos
Blog

Latest Articles

The CVE-Shaped Hole in the Industry's Mythos Response

Mythos found thousands of critical vulnerabilities. Fewer than 1% have CVEs. If your entire security stack needs a CVE to see risk, you're structurally blind to what's already running on your endpoints.

Joe Silva
April 15, 2026
Spektion Discovers Local Privilege Escalation Vulnerability in MobaXterm That Enables Arbitrary Code Execution

Spektion Research discovered and disclosed a privilege escalation vulnerability in MobaXterm — caught at runtime, where static tools don't look.

Team Spektion
April 2, 2026
Claude and the Hidden Risk of End-User AI: What Security Teams Need to Know Now

AI tools like Claude are reshaping the attack surface in ways traditional vulnerability management can't track. Here's what security teams need to know.

Team Spektion
March 31, 2026
Proud to Be Named Most Innovative in Runtime Exposure Management

Spektion wins two Global InfoSec Awards at RSAC 2026: Most Innovative Exposure Assessment Platform and Most Innovative Runtime Exposure Management

Michelle Brinich
March 23, 2026
A Five-Point Security Checklist for the Multi-Agent Future

AI agents are moving fast and security is scrambling to catch up. This post breaks down why static policies aren't enough, and gives security leaders a checklist to get ahead of the exposure.

Joe Silva
March 11, 2026
Supply Chain Attacks Don't Need Zero-Days, And Your ASM Program Can't Keep Ignoring That

Five supply chain campaigns. One has a CVE. The other four? Completely invisible to your vuln management program. And they're still your problem.

Joe Silva
February 17, 2026
View Blog
Podcast

Latest Podcasts

Episode 2: Joe Silva & Kirk Havens

Joe Silva trades takes with NIQ security strategist Kirk Havens on why vulnerability management is dead, what's replacing it, and the agentic AI mess already heading for your attack surface.

Episode 1: Joe Silva & Kyle Bubp

Real CISOs. Real Stories. In this unfiltered debut, former CISO–now–CEO Joe Silva joins CISO Kyle Bubp to share survival tips, career truths, and a few laughs from the cyber hot seat.

View Podcast
Videos

Latest Videos

A dashboard with a large amount of data on it.

How to Remediate Software Runtime Risks

Detection alone doesn't reduce risk. See how Spektion translates insecure runtime behaviors into actionable preventive controls before they can be exploited.

Spektion Redefines Vulnerability Management

Traditional vulnerability management drowns teams in CVEs while attackers exploit behaviors. Spektion catches what really matters with real-time runtime visibility and behavioral analytics.

How to Evaluate Third-Party Software Security in a POC

Most POCs evaluate features, not security. See how Spektion uncovers hidden runtime risks in third-party applications before they ship across your environment.

View Video Collection