Appears on
Articles6
Mallory goes GA: Introducing our AI-Native Threat Intelligence Platform
Today, we're launching Mallory, our AI-Native Threat Intelligence Platform built for exposure investigation. Here's why we built it, what it does, and what's next.
VulnOps, Minus the Mythology
Vuln-ops gets talked about like a mythology. Here's what five minutes of it actually looks like in Mallory, from a Slack ping on Bleeding Llama (CVE-2026-7482) to on-demand Suricata rules.
Mallory is now SOC 2 Type 2 certified
Our SOC 2 Type 2 examination is complete, less than 60 days after GA. The report is available to security teams under NDA.
Compromised Packages Drop Daily. Are You Running Any of Them?
From an overnight supply chain compromise to a scheduled audit of your own GitHub org. A live stream of compromised packages, an agent that checks whether you're running any of them, and a daily 6am email with the answer.
The Real Change in BOD 26-04 Is Forensic Triage
CISA's new directive replaces fixed KEV deadlines with risk-based timelines. The bigger change: for the highest-risk vulnerabilities, agencies must now determine whether the asset was already compromised, within 72 hours.
Five Eyes to Boards: Back to Basics, Faster
Six cybersecurity agency heads signed one statement on AI and cyber risk. Their answer is not more tools. It is the basics, done faster, because the gap between disclosure and exploitation is shrinking to months.

