Qualys Security Blog Expert network security guidance and news
- How Security Tool Misuse Is Reshaping Cloud Compromise
by Sayali Warekar on February 19, 2026 at 5:00 pmKey Takeaways Cloud Compromise Frequently Starts with Credential Misuse Cloud compromise is increasingly defined by authentication rather than exploitation. Exposed credentials and mismanaged identities now provide a faster path to access than vulnerability chaining. At the same time, legitimate security utilities designed to detect secret leaks are widely available. When used defensively, they reduce exposure.
- New: AI-Powered Patch Reliability ScoringâPredict Patch Impact Before You Deploy
by Eran Livne on February 18, 2026 at 9:35 pmWhat do advisory USN-7545-1 and Windows updates KB5065426, KB5063878, KB5055523, and KB5066835 have in common? Based on anonymized Qualys telemetry from 2025, they were among the most frequently rolled-back patches, in other words, patches that had to be undone after deployment. Rollbacks arenât just inconvenientâtheyâre disruptive. They burn time, trigger outages, and create security gaps
- Qualys Recognized as a Leader in the 2026 Forrester Wave⢠for CNAPP
by Kunal Modasiya on February 17, 2026 at 4:41 pmQualysâ Key Takeaways Selecting the right security platform is no longer just a technical decision; itâs a strategic imperative. For Chief Information Security Officers (CISOs) and cloud security leaders, the market is flooded with vendors promising total visibility and single-pane-of-glass simplicity. Cutting through the noise demands rigorous, objective analysis. For The Forrester Waveâ˘: Cloud-Native Application Protection Solutions (CNAPP), Q1 2026,
- Active Directory Attacks Demystified: Pass-the-Hash (PtH), Pass-the-Ticket (PtT), and Beyond
by Prashant Sheshnaryan Pawar on February 12, 2026 at 7:36 amKey Takeaways Introduction Active Directory (AD) remains the backbone of identity and access management for most enterprises, controlling authentication, authorization, and access across users, endpoints, servers, and applications. Because of this central role, Active Directory is also one of the most targeted components in enterprise environments. Modern attackers rarely rely on noisy malware or brute-force
- Microsoft and Adobe Patch Tuesday, February 2026 Security Update Review
by Diksha Ojha on February 10, 2026 at 8:51 pmMicrosoftâs February 2026 Patch Tuesday focuses on closing security gaps that attackers could exploit, reinforcing the importance of timely patching in enterprise environments. Hereâs a quick breakdown of what you need to know. Microsoft Patch Tuesday for February 2026 This monthâs release addresses 61 vulnerabilities, including five critical and 52 important-severity vulnerabilities. In this monthâs updates, Microsoft has addressed six zero-day vulnerabilities that have been exploited in the wild. Microsoft addressed one vulnerability in Microsoft Edge (Chromium-based) that was patched earlier this month. Microsoft Patch Tuesday, February edition, includes updates for vulnerabilities in Microsoft Exchange Server, Microsoft Graphics Component, Windows
- TruConfirm: Autonomous, Agent-Led, Safe Exploit Validation for Real-World Risk Reduction
by Himanshu Kathpal on February 4, 2026 at 5:00 pmKey Takeaways The Question CISOs Cannot Answer Today The scan is done. Dashboards are full. Change windows are tight. And one critical question dominates every vulnerability review: âIs this exposure actually exploitable on our asset, in our production environment,with our controls, right now?â Volume is no longer an anomaly. In 2025, a staggering 48,177 CVEs were published. Most organizations now face thousands â often tens of thousands
- Mutagen Astronomy: From Discovery to CISA RecognitionâA Seven-Year Journey
by Saeed Abbasi on February 2, 2026 at 7:19 pmIntroduction On January 26, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2018-14634 to its Known Exploited Vulnerabilities (KEV) catalog. The same vulnerability was discovered by the Qualys Threat Research Unit (TRU) in September 2018. We nicknamed it âMutagen Astronomyâ as a tribute to the 1992 film Sneakers. In that movie, the phrase âSetec
- ROC vs. CTEM: How a Risk Operations Center Evolves Beyond Continuous Threat Exposure Management in 2026
by Shailesh Athalye on January 30, 2026 at 4:52 pmKey Takeaways: The Essentials of ROC vs. CTEM Modern enterprises face a constant flood of data from dozens of siloed security tools, creating a fragmented view of risk. Continuous threat exposure management (CTEM) offers a framework to bring exposures together from these tools, and a risk operations center (ROC) provides the operational power to turn
- Top 10 Cloud Compliance Tools for Enterprise Security and Audit Readiness in 2026
by Pooja Prabhukhot on January 29, 2026 at 5:00 pmKey Takeaways Compliance Breaks When Proof Lags Infrastructure Cloud compliance has changed. It is no longer an audit milestone. It is a continuous expectation. Boards demand visibility into regulatory exposure. Regulators expect evidence, not intent. Enterprise customers want assurance in real time. Meanwhile, frameworks such as NIST and CIS are becoming harder to implement as
- How Public Container Registries Have Become a Silent Risk Multiplier in a Modern Supply Chain
by Amit Gadhave on January 22, 2026 at 4:00 pmKey Takeaways The Risk Introduced by Implicit Trust in Public Container Images Public container registries have become foundational to modern software development. A single docker pull can accelerate application delivery, standardize environments, and reduce operational friction across teams. However, that same convenience has quietly shifted trust decisions earlier in the development lifecycle, often without sufficient scrutiny of what is actually
