Resources

Insights
from the field.

Notes, deep-dives, and field reports from the SeverityZero team. CTEM strategy, OT/ICS security, ransomware analysis, and the craft of running continuous defense at scale.

★ Featured

Insight · Apr 15, 2026

Why CTEM is the only model that actually works

Vulnerability management gave us spreadsheets of CVSS 9s nobody ever fixed. Continuous Threat Exposure Management is what comes after — and why it actually changes the attacker math.

Read the post →

Technical · Mar 22, 2026

EPSS over CVSS: stop scoring threats like it's 2003

CVSS tells you how bad a vulnerability could be. EPSS tells you how likely it is to be exploited. They are not the same number — and treating them like they are is why your prioritization is broken.

EPSSCVSSPrioritizationCISA KEV

Technical · Feb 8, 2026

How to scan OT networks without breaking them

Industrial control systems have been knocked offline by curious nmap scans. Here is how SeverityZero probes 11 industrial protocols safely — and why "active scanning" is a phrase that should make every OT engineer flinch.

OTICSModbusSafety

Want our notes
in your inbox?

No marketing fluff. Just technical notes when we have something worth sharing — usually once or twice a month.

Subscribe via Contact See the Platform

Insights from the field.

Why CTEM is the only model that actually works

EPSS over CVSS: stop scoring threats like it's 2003

How to scan OT networks without breaking them

Want our notes in your inbox?

Insights
from the field.

Want our notes
in your inbox?