Security tools | Breaking Cybersecurity News | The Hacker News

Reachability has quickly become one of the latest buzzwords in cybersecurity, but every vendor means something slightly different by the term. In part one of this series, I argued that reachability is really about only showing exploitable vulnerabilities. In part two , I compared runtime and static reachability to determine that if the goal of reachability analysis is to only fix exploitable vulnerabilities, only runtime reachability will get us there. The final question to address is, "Which type of runtime reachability is the right kind?" In 2025, almost every vendor uses the term reachability, alongside a nifty funnel showing your vulnerability count going down, but vendors almost always mean different things by the term. In this article, we'll explore the complexity of reachability types, and how while there's no silver bullet, function level reachability for vulnerabilities is the best overall answer to the problem. Flavors of Runtime Reachability All excalidraws are availab...

For many organizations, managing IT assets is like trying to complete a jigsaw puzzle without all the pieces. Despite massive investments in security tools and controls, many companies still have critical gaps in their ecosystems that leave them vulnerable to breaches. Often, these gaps stem not from a lack of tools—if such a thing exists in security—but from incomplete visibility and integration across those tools. By aggregating and analyzing data from multiple systems, security leaders can gain a more robust picture of their IT inventory and subsequently, their security posture. The challenge with disparate security tools It's not unusual for enterprises to deploy a wide array of security tools. The average organization uses roughly 10 security tools, covering everything from endpoint management to identity and access control. These tools, however, often operate in silos, creating fragmented and occasionally contradictory reports. Let's look at a practical example. Conside...