Stratascale
Stratascale

Agentic AI & The Urgency Trap: Why Explainability and Governance Must Come First

Agentic AI & The Urgency Trap: Why Explainability and Governance Must Come First

Aug 14, 2025

Learn how explainability, governance, and auditability in agentic AI systems help ensure safe, ethical, and accountable deployment while keeping innovation on track.

Master the Fundamentals: A Practical Approach to Cybersecurity Success

Master the Fundamentals: A Practical Approach to Cybersecurity Success

Aug 7, 2025

Joseph Karpenko, Field CISO, shares ways to master foundational security practices to dramatically reduce risk, enhance operational resilience, and empower you to stay ahead of evolving cyber threats.

Zero Trust Security Architecture: Replacing the Old Perimeter Model

Zero Trust Security Architecture: Replacing the Old Perimeter Model

Jul 24, 2025

Discover how replacing perimeter defenses with a canal-based Zero Trust model gives you granular control over every access request while strengthening security through continuous verification and microperimeters.

Vulnerability Advisory: Sudo Host Option Elevation of Privilege

Vulnerability Advisory: Sudo Host Option Elevation of Privilege

Jun 30, 2025

Stratascale's Cybersecurity Research Unit (CRU) uncovered a local privilege escalation vulnerability in Sudo (CVE-2025-32462). By exploiting the host option, attackers can gain root access on affected Linux systems. A patch is available, review your systems to stay secure.

Vulnerability Advisory:  Sudo chroot Elevation of Privilege

Vulnerability Advisory: Sudo chroot Elevation of Privilege

Jun 30, 2025

Stratascale’s Cybersecurity Research Unit (CRU) has identified a critical local privilege escalation vulnerability in Sudo (CVE-2025-32463). This flaw, tied to the chroot feature, allows any local unprivileged user to gain root access even without specific Sudo rules. Affected systems should be reviewed immediately to ensure a patched version is installed.

The Power of CTEM & How to Take Advantage of It

The Power of CTEM & How to Take Advantage of It

Jun 26, 2025

Traditional security tools and annual pentests can’t keep up. Continuous Threat Exposure Management (CTEM) delivers real-time visibility and risk-based prioritization to outpace attackers. Learn how CTEM turns reactive security into proactive protection.

Vulnerability Advisory: Ubuntu Apport Insecure File Permissions

Vulnerability Advisory: Ubuntu Apport Insecure File Permissions

Jun 12, 2025

Stratascale’s Cybersecurity Research Unit (CRU) discovered an information disclosure vulnerability in Ubuntu’s Apport crash reporting system (CVE-2025-5467). Improper file permissions allowed users in the same group to access sensitive crash data. Ubuntu has released a fix, update now to stay secure.

Keys to Achieving Continuous Cloud Security | Part Three

Keys to Achieving Continuous Cloud Security | Part Three

May 29, 2025

The final blog in our three-part series on continuous cloud security offers actionable ways to shift cloud security to the left to increase collaboration between security and DevOps teams, identify misconfigurations sooner, and minimize risk.

Vulnerability Advisory: Osquery Component Bundled with Microsoft Defender for Endpoint on Linux

Vulnerability Advisory: Osquery Component Bundled with Microsoft Defender for Endpoint on Linux

May 27, 2025

Stratascale's Cybersecurity Research Unit (CRU) discovered a local privilege escalation flaw in Microsoft Defender for Endpoint on Linux (CVE-2025-47161). The Osquery component allowed unprivileged users to gain root access. Microsoft has issued a patch—learn more to stay protected.

Vulnerability Advisory: Microsoft Defender for Endpoint on Linux Elevation of Privilege

Vulnerability Advisory: Microsoft Defender for Endpoint on Linux Elevation of Privilege

May 13, 2025

Stratascale's Cybersecurity Research Unit (CRU) recently discovered an elevation of privilege vulnerability in Microsoft Defender for Endpoint on Linux and disclosed the vulnerability to the Microsoft Security Response Center (MSRC) who assigned it CVE-2025-26684 and released a fix.

Keys to Achieving Continuous Cloud Security | Part Two

Keys to Achieving Continuous Cloud Security | Part Two

May 8, 2025

Read part two of our three-part series dedicated to helping you achieve continuous cloud security. In this article, we dive into Phase Two of the process, known as "Getting to Green."

Zero Trust Guide

Zero Trust Guide

Apr 18, 2025

Discover how the Kipling Method can help you elevate Zero Trust efforts by giving you a comprehensive view of access requests, strengthening your organization's security posture.

Keys to Achieving Continuous Cloud Security | Part One

Keys to Achieving Continuous Cloud Security | Part One

Apr 9, 2025

As cyber threats evolve, robust cloud security is essential for protecting your business. However, creating a continuous cloud security program can be complex. Our team simplifies this process into three phases to enhance your program's maturity. Explore part one of this three-part series now.

KISS Your Zero Trust Woes Goodbye

KISS Your Zero Trust Woes Goodbye

Mar 12, 2025

Learn how applying the KISS principle—Keep It Simple, Straightforward—to Zero Trust implementation can streamline processes, secure critical assets, and strengthen your organization's security posture.

2025 Success Guide

2025 Success Guide

Jan 21, 2025

Delve into this guide for actionable ways to equip your security team with the necessary knowledge and tools to turn cybersecurity into a strategic advantage and position your organization for lasting success.