// #security-assessment
10 articles
SAP Landscape Security Assessment: Managing NetWeaver Vulnerabilities Across Enterprise ERP Environments
CVE-2026-44748 (CVSS 9.9) in SAP NetWeaver ABAP is the second critical SAP vulnerability of 2026 affecting SAML authentication. Enterprise organisations running complex SAP landscapes with multiple NetWeaver instances face challenges in identifying which systems are affected, prioritising patching across landscape tiers, and assessing whether compromise indicators are present.
CVE-2026-23111 Detection and Hardening Guide: Protecting Linux Environments from the nf_tables Exploit
With public proof-of-concept code available for CVE-2026-23111, security teams running Linux across production, containerised, and cloud environments need specific detection and hardening guidance. This guide covers kernel patch availability by distribution, interim mitigations, eBPF-based detection, and Kubernetes-specific containment measures.
Assessing Network Perimeter Device Security: A Methodology for Firewalls, VPN Gateways, and Load Balancers
Network perimeter devices — firewalls, VPN gateways, and load balancers — are the most frequently exploited initial access category in enterprise breaches. Despite this, they are often excluded from regular security assessments. This methodology covers how to assess the security posture of perimeter network devices without disrupting production operations.
ServiceNow Security Assessment: Auditing API Exposure and Access Control Configuration
Following the ServiceNow API breach, organisations should conduct a targeted security assessment of their ServiceNow instance, focusing on API endpoint exposure, unauthenticated access paths, ACL configuration, and service account privilege scope. This assessment guide covers the key checks and how to perform them without specialist ServiceNow security tooling.
Oracle WebLogic Security Assessment Guide: Discovering Exposure Before the Next T3 Exploit
Enterprise Java middleware is often the least-assessed component of the application security programme. Oracle WebLogic installations are frequently discovered during incident response rather than proactive inventory. This guide covers the discovery, assessment, and continuous monitoring steps for WebLogic security.
Zero-Day Response Maturity: Assessing Your Organisation's Capability Against May 2026's Vulnerability Cluster
May 2026 produced multiple simultaneous zero-days and CVSS 9.0+ vulnerabilities with active exploitation. The month serves as an inadvertent assessment of enterprise vulnerability response capability. This framework evaluates response maturity across five dimensions using the month's events as test cases.
Auditing VS Code Extensions for Supply-Chain Risk: A Practical Assessment Guide
The Nx Console supply-chain compromise in TeamPCP's May 2026 campaign targeted an extension with millions of downloads. With over 60,000 extensions in the VS Marketplace, most organisations have no inventory of which extensions their developers run. This guide covers extension auditing, publisher verification, and policy controls.
Enterprise Wi-Fi Security Assessment: Evaluating Ubiquiti UniFi Against Enterprise-Grade Alternatives After Bulletin 064
The three CVSS 10.0 vulnerabilities in Ubiquiti UniFi OS Bulletin 064 prompt a broader question: how does UniFi's security posture, vendor support, and enterprise control plane architecture compare to traditional enterprise Wi-Fi vendors? A structured assessment framework helps organisations evaluate whether UniFi is appropriate for their specific threat model.
End-of-Life VPN Appliances: A Security Assessment Framework for Identifying Unsupportable Network Equipment
The SonicWall Generation 6 end-of-life situation is the latest instance of a recurring enterprise security problem: internet-facing network equipment that reaches vendor end-of-life while still actively exploited. A structured assessment approach helps security teams identify, prioritise, and communicate the risk of EoL perimeter equipment.
NIST Updates DNS Security Guidance SP 800-81-3 — What Changed and Why It Matters Now
NIST released an updated edition of Special Publication 800-81, its foundational guidance on securing the Domain Name System, as DNS-based attacks and abuse techniques have evolved significantly since the previous version. The new SP 800-81-3 expands coverage of DNS-over-HTTPS, DNSSEC deployment best practices, DNS-based threat detection, and resilience against cache poisoning variants. Security teams should use this revision to audit current DNS architecture against current recommendations.