Top Stories

Resilience Stack

The Resilience Stack™: A Five-Layer Framework for Cyber Insurance Risk Assessment

Introducing The Resilience Stack™ — Resiliently's proprietary framework that maps the full cyber risk journey from external threats to insurance readiness, with free assessment tools at every layer.

Michael Guiao

12 min read

The Resilience Stack™: A Five-Layer Framework for Cyber Insurance Risk Assessment
What Eclipse Ditto Security Gaps Mean for Your Cyber Policy
NIS 2 · · 14 min read

What Eclipse Ditto Security Gaps Mean for Your Cyber Policy

OpenHack whitebox review of Eclipse Ditto reveals digital twin authentication bypass, policy injection, and WebSocket exposure patterns that increase OT and manufacturing cyber insurance claims risk.

What HashiCorp Vault Security Gaps Mean for Your Cyber Policy
NIS 2 · · 15 min read

What HashiCorp Vault Security Gaps Mean for Your Cyber Policy

OpenHack whitebox review of HashiCorp Vault reveals seal bypass risks, token leakage patterns, and storage backend misconfigurations that undermine the foundation of secret management assurance for cyber insurance.

What Keycloak Security Gaps Mean for Your Cyber Policy
NIS 2 · · 14 min read

What Keycloak Security Gaps Mean for Your Cyber Policy

OpenHack whitebox review of Keycloak reveals authentication bypass, session fixation, and RBAC misconfiguration patterns that directly impact identity-related cyber insurance claims.

What OpenZeppelin Contracts Security Gaps Mean for Your Cyber Policy
NIS 2 · · 14 min read

What OpenZeppelin Contracts Security Gaps Mean for Your Cyber Policy

OpenHack whitebox review of OpenZeppelin Contracts reveals reentrancy patterns, access control gaps, and gas griefing vectors that underwriters must factor into DeFi and smart contract risk pricing.

What Strimzi Security Gaps Mean for Your Cyber Policy
NIS 2 · · 14 min read

What Strimzi Security Gaps Mean for Your Cyber Policy

OpenHack whitebox review of Strimzi Kafka Operator reveals privilege escalation in K8s RBAC, unsafe deserialization, and certificate management gaps that impact OT and manufacturing cyber insurance.

The Five Toxic Powers of Agentic AI — What Underwriters Need to Know
Agentic AI · · 11 min read

The Five Toxic Powers of Agentic AI — What Underwriters Need to Know

Agentic AI introduces five double-edged powers that create toxic risk combinations. Here's how underwriters, brokers, and CISOs should assess the threat.

CVE-2023-28777: What This Means for Cyber Insurance Underwriting
Cyber Risk · · 10 min read

CVE-2023-28777: What This Means for Cyber Insurance Underwriting

CVE CVE-2023-28777 with CVSS 8.5. Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) vulnerability in LearnDash LearnDash

WordPress SQL Injection: CVE-2023-5439 Cyber Insurance Portfolio Risk Analysis
Cyber Risk · · 10 min read

WordPress SQL Injection: CVE-2023-5439 Cyber Insurance Portfolio Risk Analysis

WordPress plugin SQL injection flaws like CVE-2023-5439 consistently drive data breach claims. Learn how to assess cyber insurance portfolio exposure...

WordPress SQL Injection: Cyber Insurance Lessons from CVE-2023-33927
Cyber Risk · · 10 min read

WordPress SQL Injection: Cyber Insurance Lessons from CVE-2023-33927

Discover how the WordPress CVE-2023-33927 SQL injection flaw impacts cyber insurance claims frequency, coverage determinations, and underwriting gaps.

blog.featured

WordPress Plugin Flaw CVE-2023-4213 Exposes 10K+ Sites to Cyber Claims

Cyber Risk ·

6 min read

WordPress Plugin XSS Vulnerability Exposes Cyber Insurance Portfolios to Persistent Web Risks

Cyber Risk ·

5 min read

WordPress Security Plugin Flaw Exposes Organizations to Cyber Claims

Cyber Risk ·

6 min read

WordPress Plugin Flaw Exposes Cyber Insurance Portfolios to SQL Injection Risks

Cyber Risk ·

6 min read

Premium Report

2026 Cyber Risk Landscape Report

24 pages of threat analysis, claims data, and underwriting implications for European cyber insurance.

View Reports →