On September 25, 2025, three new CVEs affecting Cisco networking products exploded onto the global cyber security landscape. Two of these were actively exploited as zero-days prior to their disclosure. Greenbone now includes detection tests for all three new high-risk CVEs in the OPENVAS ENTERPRISE FEED.

CVE-2025-20333 (CVSS 9.9) and CVE-2025-20362 (CVSS 6.5) affect the VPN web server of the Cisco Secure Firewall Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) platforms. The VPN web server enables remote devices to access an internal network via SSL/TLS-based VPN. These two CVEs can be chained for full system takeover of unpatched devices. Furthermore, they are reportedly leveraged in ArcaneDoor espionage campaigns. Also, CVE-2025-20363 (CVSS 9.0), while not tagged as actively exploited, has been bundled into most national security advisories addressing the first two flaws. The latter affects an extended list of products: Cisco ASA and FTD, as well as Cisco IOS, IOS XE, and IOS XR under certain configurations.

Greenbone’s OPENVAS ENTERPRISE FEED includes detection checks for each new high-risk CVE [1][2][3][4][5][6][7][8][9]. You can start a free trial to scan your IT environment for these and other cybersecurity vulnerabilities. Below, we discuss aspects of this ongoing situation, including the attack campaign, a brief technical description of the three flaws, and mitigation guidance.

Campaigns Exploiting Cisco ASA 5500-X Devices

CVE-2025-20333 and CVE-2025-20362 were actively exploited as zero-days targeting Cisco ASA 5500-X series devices without Secure Boot. Chained, they give unauthenticated attackers full control of the breached device. Known campaigns leveraging these flaws have deployed RayInitiator and LINE VIPER to achieve persistence [TA0003], execute commands remotely [TA0011], and exfiltrate data [TA0010]. These attacks are attributed to the ArcaneDoor cyber-espionage campaign, which has targeted perimeter network devices since early 2024 and is considered highly sophisticated. Advanced techniques used in the attacks include:

  • Low-level ROMMON (ROM Monitor) tampering [004] and Pre-OS bootkit [T1542.003] for covert persistence between reboots
  • Command-line interface (CLI) interception [008]
  • Disabling system logging [001]
  • Network packet capture [T1040]
  • Bypassing AAA network-device authentication and authorization protocols [004]

No public PoC exploits are available, but CISA and Cisco have confirmed that CVE-2025-20333 and CVE-2025-20362 are already exploited in the wild [1][2]. While attacks leveraging CVE-2025-20363 have not been confirmed, the CVE is included in many national CERT advisories covering the first two CVEs [3][4][5][6][7][8][9][10]. Supplemental guidance includes malware analysis from the UK’s NCSC [11] and IoC hunt instructions from CISA [12].

Technical Analysis of New Critical-Risk Cisco CVEs

All three CVEs are caused by improper validation of user-supplied input in HTTPS requests [CWE-20]. Chained, CVE-2025-20333 and CVE-2025-20362 allow attackers to execute arbitrary code as root on the victim’s system: CVE-2025-20333 provides the RCE but requires valid VPN credentials, and CVE-2025-20362 supplies the authentication bypass. CVE-2025-20363 also allows unauthenticated access to restricted URLs, but across a wider range of products: Cisco ASA and FTD software, as well as Cisco IOS, IOS XE, and IOS XR under certain configurations.

Here is a brief description of each vulnerability:

  • CVE-2025-20333 (CVSS 9.9): Crafted HTTPS requests to the VPN web server can lead to arbitrary RCE as root on the VPN web server for Cisco ASA and FTD devices. The flaw is classified as a Buffer Overflow [CWE-122] that requires valid VPN user credentials for exploitation.
  • CVE-2025-20362 (CVSS 6.5): Unauthenticated attackers achieve authentication bypass to reach restricted URL endpoints on the VPN web server for Cisco ASA and FTD devices. The flaw is due to missing authorization [CWE-862] for sensitive HTTP paths.
  • CVE-2025-20363 (CVSS 9.0): Unauthenticated RCE as root on the VPN web server of Cisco ASA and FTD devices. Low-privilege authenticated attackers may achieve RCE as root on Cisco IOS, Cisco IOS XE, and Cisco IOS XR software. The flaw is a heap-based buffer overflow [CWE-122] caused by improper validation of user-supplied input in HTTP requests.

Mitigation Instructions for Impacted Devices

CISA has issued an Emergency Directive for all federal agencies to immediately remediate the ongoing threat. Users of these products should immediately begin to identify, analyze, and mitigate affected products to protect their operations. For analysis, users should follow CISA’s Core Dump and Hunt Instructions and Cisco’s official Detection Guide.

If a breach is identified, compromised devices should be disconnected but not powered off, and Incident Response Plans (IRP) and eviction processes should be activated. Victims should notify the relevant regional authorities and submit their core dump(s) for analysis. Malware analysis for RayInitiator and LINE VIPER has been published by the UK’s NCSC [1]. Cisco’s official advisories can be consulted for more detailed information [2][3][4]. Platforms vulnerable to CVE-2025-20333 and CVE-2025-20362 include:

ASA hardware, ASA-Service Module (ASA-SM), ASA Virtual (ASAv), and ASA firmware on Firepower 2100/4100/9300. Affected Cisco ASA software versions are:

  • 9.12 train – earlier than 9.12.4.72
  • 9.14 train – earlier than 9.14.4.28
  • 9.16 train – earlier than 9.16.4.85
  • 9.17 train – earlier than 9.17.1.45
  • 9.18 train – earlier than 9.18.4.67
  • 9.19 train – earlier than 9.19.1.42
  • 9.20 train – earlier than 9.20.4.10
  • 9.22 train – earlier than 9.22.2.14
  • 9.23 train – earlier than 9.23.1.19

Cisco FTD appliances with software versions:

  • 7.0 train – earlier than 7.0.8.1
  • 7.1 train – all versions
  • 7.2 train – earlier than 7.2.10.2
  • 7.3 train – all versions
  • 7.4 train – earlier than 7.4.2.4
  • 7.6 train – earlier than 7.6.2.1
  • 7.7 train – earlier than 7.7.10.1

CVE-2025-20363 affects the aforementioned ASA and FTD products, all releases of Cisco IOS and Cisco IOS XE with Remote Access SSL VPN enabled, and Cisco IOS XR Software versions 6.8 and 6.9 (32-bit on ASR 9001) with the HTTP server enabled. Cisco NX-OS Software, 64-bit IOS XR, IOS/IOS XE without SSL VPN enabled, and ASA/FTD without WebVPN/SSL VPN features configured are not affected.
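To turn the version lists above into something that can be run against an inventory export, here is an added Python example; it is not Greenbone’s or Cisco’s code. The fixed-release table is transcribed from the lists above, the inventory rows are constructed, and the (hostname, product, version) export shape is an assumption. A train that does not appear in the lists is reported as unknown rather than silently treated as fixed.

```python
"""Triage Cisco ASA / FTD software versions against the fixed releases
listed in the advisory text above. Added example; the fixed-release table
is transcribed from the page, the inventory rows are constructed."""

# Fixed release per release train (train -> first fixed version).
# None means every version of that train is affected and needs a migration
# to a fixed train rather than a point upgrade.
ASA_FIXED = {
    (9, 12): (9, 12, 4, 72),
    (9, 14): (9, 14, 4, 28),
    (9, 16): (9, 16, 4, 85),
    (9, 17): (9, 17, 1, 45),
    (9, 18): (9, 18, 4, 67),
    (9, 19): (9, 19, 1, 42),
    (9, 20): (9, 20, 4, 10),
    (9, 22): (9, 22, 2, 14),
    (9, 23): (9, 23, 1, 19),
}
FTD_FIXED = {
    (7, 0): (7, 0, 8, 1),
    (7, 1): None,
    (7, 2): (7, 2, 10, 2),
    (7, 3): None,
    (7, 4): (7, 4, 2, 4),
    (7, 6): (7, 6, 2, 1),
    (7, 7): (7, 7, 10, 1),
}
TABLES = {"asa": ASA_FIXED, "ftd": FTD_FIXED}


def parse_version(text):
    """'9.16.4.85' -> (9, 16, 4, 85). Rejects anything non-numeric so a
    garbled inventory row fails loudly instead of comparing as 'fixed'."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def assess(product, version):
    """Return 'affected', 'fixed' or 'unknown-train'.

    'unknown-train' means the release train is not in the lists above, so
    the vendor advisory (not this table) has to decide."""
    table = TABLES[product.lower()]
    v = parse_version(version)
    fixed = table.get(v[:2], "missing")
    if fixed == "missing":
        return "unknown-train"
    if fixed is None:
        return "affected"
    # Pad with zeros so '9.16.4' compares as (9, 16, 4, 0) against the fix.
    width = max(len(v), len(fixed))
    v_padded = v + (0,) * (width - len(v))
    fix_padded = fixed + (0,) * (width - len(fixed))
    return "affected" if v_padded < fix_padded else "fixed"


def triage(inventory):
    """inventory: iterable of (hostname, product, version). Returns the rows
    that still need action, with the verdict appended."""
    out = []
    for host, product, version in inventory:
        verdict = assess(product, version)
        if verdict != "fixed":
            out.append((host, product, version, verdict))
    return out


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("fw-edge-01", "asa", "9.16.4.84"),   # one build below the fix
    ("fw-edge-02", "asa", "9.16.4.85"),   # exactly the fixed release
    ("fw-dc-01",   "ftd", "7.1.0.3"),     # 7.1 train: all versions affected
    ("fw-dc-02",   "ftd", "7.7.10.1"),
    ("fw-lab-01",  "asa", "9.21.1.1"),    # train not in the lists above
]

if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(*row)
```

Feed it the hostname, product and version columns of whatever inventory you keep; anything reported as unknown-train should be checked against Cisco’s advisory by hand, since the lists above do not cover it.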

Summary

The coordinated disclosure of CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363 has triggered a global security response. Combined, the CVEs have potential for full system compromise of Cisco ASA and FTD devices as well as devices using Cisco IOS, IOS XE, and IOS XR software with certain configurations. An ongoing ArcaneDoor espionage campaign has been identified leveraging CVE-2025-20333 and CVE-2025-20362 against legacy ASA 5500-X devices.

Security agencies, including CISA and national CERTs, have issued urgent mitigation guidance, stressing immediate patching, forensic investigation, and IRP activation. Greenbone has released detection checks for all three vulnerabilities in the OPENVAS ENTERPRISE FEED to help organizations rapidly identify and remediate exposure. Start a free trial today to scan your IT environment for these and other cybersecurity risks.

Cybersecurity has moved from boardroom buzzword to front-page reality in Italy this year. Walk into any conference room, attend any summit, or join any industry discussion, and you’ll hear the same urgent conversations: companies are under pressure from increasingly sophisticated cyber threats. However, there’s also something new happening – a wave of innovation and collaboration that’s finally matching the scale of the challenge.

From Abstract Risks to Real Solutions

The year started strong at ITASEC in February, where something refreshing emerged. Instead of the usual doom-and-gloom presentations about theoretical vulnerabilities, real solutions were finally taking center stage. Organizations shared practical strategies for balancing compliance requirements like NIS2 with the daily reality of cyberattacks.

The sessions on OPENVAS and enterprise solutions revealed a crucial shift: companies are moving beyond endless vulnerability spreadsheets toward actionable intelligence. The message was clear: staying informed isn’t enough anymore. Organizations need concrete guidance on their next steps.

But beneath the optimism, a sobering truth emerged from every conversation: Italy remains one of Europe’s most targeted countries. Participants weren’t shy about asking the hard questions: Why do our defenses still lag behind the threats? What will it actually take to turn the tide?

AI: The Double-Edged Sword

March brought CyberSec 2025 in Milan, where artificial intelligence dominated every discussion. The atmosphere was electric, with equal parts of excitement and apprehension. Everyone agreed that AI could revolutionize security operations, making them faster and smarter. But there was a catch: AI also creates entirely new attack surfaces.

The concerns were legitimate. AI models can be manipulated or stolen if not properly secured. That’s why approaches like keeping solutions fully on-premise and updating AI models only through controlled feeds have become so critical. It’s about getting the benefits of automation and intelligence without sacrificing security integrity.

As Dirk Boeing, Security Engineer at Greenbone, emphasized in the interview: “AI isn’t just a buzzword for us – it’s a practical tool that, when used responsibly, helps organizations fight back against cyber attacks.”

The New Reality of Vulnerability Management

The Security Summit later in March highlighted another fundamental shift: the end of occasional scanning as an acceptable security practice. Today’s threat landscape demands continuous, robust monitoring. We saw organizations learning to prioritize critical vulnerabilities, streamline remediation processes, and even transform regulatory compliance from a burden into a competitive advantage.

What stood out was the growing recognition that enterprise solutions offer something community editions simply can’t match: stable feeds, accurate detection, and secure on-premise deployment that goes far beyond basic functionality.

The Numbers Don’t Lie

These conference insights take on new urgency when we look at what’s actually happening in Italy. The first half of 2025 alone brought 1,549 cyber incidents – a staggering 53% increase compared to 2024. Even more concerning: 346 of these were classified as serious, confirmed-impact events, representing a 98% year-over-year increase.

The attacks aren’t discriminating. Critical sectors like public administration, healthcare, and energy have all been hit hard. Take the attack on April 2 on Mobilità di Marca (MOM), Treviso’s public transport company, which knocked out electronic ticketing services for days. It’s a perfect example of how digital infrastructure vulnerabilities can disrupt everyday life.

Smaller companies aren’t escaping either. April reports showed the telecommunications sector getting hammered by spear-phishing attacks, with numerous organizations suffering significant breaches.

What’s Next: Proactive Defense Is the Only Defense

Every expert at every conference has been saying the same thing: continuous monitoring and proactive vulnerability management aren’t just “nice-to-haves” anymore. They’re survival requirements. The escalating frequency and sophistication of attacks demand a fundamental shift from reactive firefighting to proactive defense strategies.

Mark Your Calendar: October Events You Can’t Miss

The conversation continues this October, with three major events putting Rome at the center of Italy’s cybersecurity evolution:

AFCEA TechNet Europe Rome 2025 (October 1 – 2) brings together defense experts, industry leaders, and technology innovators to explore emerging threats and cutting-edge solutions.

Cybertech Europe (October 21 – 22) offers the chance to connect with top cybersecurity minds, see live demonstrations, and dive deep into the challenges and solutions shaping Italy’s digital resilience.

Richmond Cyber Resilience Forum (October 28 – 30) is a meeting point between demand and supply of innovative solutions. Here, Italian companies meet industry experts to discover trends and strategies of cybersecurity.

OPENVAS S.r.l. will be at all three events, showcasing enterprise-grade vulnerability management solutions, sharing insights on AI-driven security, and demonstrating how organizations can transform compliance from a checkbox exercise into a proactive defense strategy.

The Path Forward

2025 is proving to be a pivotal year for Italian cybersecurity. The threats are real and growing, but so is our collective response. Each conference, each collaboration, and each new innovation brings us closer to transforming today’s challenges into tomorrow’s resilience.

The question isn’t whether you’ll face a cyberattack, it’s whether you’ll be ready when it happens. Don’t wait for the wake-up call. The time to strengthen your cyber defenses is now.

Ready to turn insights into action? Connect with us at the upcoming October events, or reach out today to learn how enterprise-grade vulnerability management can transform your organization’s security position.

CVE-2025-10035 (CVSS 10.0) is a new critical severity vulnerability in Fortra GoAnywhere MFT (Managed File Transfer). This maximum-risk CVE could provide attackers with unauthenticated remote command execution (RCE). Greenbone can detect vulnerable systems and all users should patch with urgency. 

GoAnywhere MFT is a centralized Managed File Transfer (MFT) platform enabling file exchanges between business partners, customers, and within an organization. The application also provides auditing and compliance reporting.

The root cause of this CVE is a deserialization flaw [CWE-502] in Fortra GoAnywhere MFT’s License Servlet that allows attackers to forge a license response signature to inject and execute arbitrary commands [CWE-77]. Although in-the-wild exploitation has not been confirmed, Fortra GoAnywhere has been a hot target for ransomware attacks in the past: in 2023, CVE-2023-0669 (CVSS 7.2) was targeted by the Clop ransomware operators, resulting in multiple high-profile breaches. No public PoCs for CVE-2025-10035 are available yet, but a detailed technical analysis is; however, it does not include a complete exploit chain, and some details of the chain remain unconfirmed.

CVE-2025-10035 has prompted national CERT alerts from Canada’s Canadian Centre for Cyber Security [1], the Netherlands’ NCSC-NL [2], and India’s CERT-In [3]. Also, Germany’s BSI assigned an alert [WID-SEC-2025-2090], and a CVSS Temporal score of 8.7, reflecting an unverified exploitation status (E:U), availability of official remediation (RL:O), and strong confidence in the report (RC:C).

A remote version check was swiftly added to Greenbone’s OPENVAS ENTERPRISE FEED, allowing defenders to identify vulnerable instances of Fortra GoAnywhere MFT.

Risk Assessment for CVE-2025-10035 in Fortra GoAnywhere

Going simply by the CVSS 10 rating, the risk posed by CVE-2025-10035 is extremely high if GoAnywhere’s Admin Console is exposed to the Internet. According to the analysis, attack complexity is considered low, no user interaction is required, and exploitation could result in complete system takeover.

However, public exposure is not a prerequisite for exploitation. Instances on a private network could also be exploited via so-called “malicious insider” threats or trusted third parties [T1199]. Verizon’s 2025 DBIR (Data Breach Investigations Report) identifies Privilege Misuse (described as nefarious schemes from insider threats) as the primary root cause of 8% of the breaches studied from 2024. This is a surprising figure, which erodes the belief that only public-facing vulnerabilities pose a primary threat to cyber resilience.

Technical Analysis of CVE-2025-10035 in Fortra GoAnywhere

GoAnywhere’s License Servlet is used for activating the GoAnywhere MFT license bundle as part of the setup, renewal, and migration processes. The License Servlet involves Java deserialization of the encoded “SignedObject”. In the case of CVE-2025-10035, this deserialization process could reportedly lead to RCE.

watchTowr’s analysis shows a pre-authentication flaw that returns an auth token via the Unlicensed.xhtml page, even when an instance has already been licensed. A malformed HTTP GET request to a route such as /goanywhere/license/Unlicensed.xhtml/x? erroneously creates a valid license-request token and returns it encrypted within a bundled data object. This happens because the error handler, AdminErrorHandlerServlet, internally generates a valid license-request token, associates it with the unauthenticated session, and returns it to the user inside the serialized data object. That bundle is encrypted with a hard-coded key, so it can be decrypted offline to reveal the GUID auth token in plaintext.

Once the GUID token is recovered, unauthenticated attackers can use it to reach the License Servlet endpoint (POST /goanywhere/lic/accept/<GUID> … bundle=<payload>), passing a malicious serialized payload. However, the mechanism by which the payload would be deserialized is not yet known, because the payload needs to be signed with Fortra’s own private key. Security researchers have pointed to possible explanations such as a stolen private key or the existence of malicious payload(s) mistakenly signed with Fortra’s private key.

Mitigating CVE-2025-10035 in Fortra GoAnywhere

Fortra has released a security advisory [FI-2025-012] with mitigation instructions for CVE-2025-10035. Full mitigation requires upgrading to a fixed release: either to 7.8.4 (latest) or 7.6.3 (Sustain). Temporary mitigation can be achieved by restricting Admin Console access.

Fortra also advises all users to hunt for Indicators of Compromise (IoC), namely stack traces in the logs that show an error for SignedObject.getObject. The presence of this string strongly suggests the instance has been exploited. Following best practices, affected parties may also want to provide status updates to customers and other third-party stakeholders.
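The IoC hunt Fortra describes, as an added Python example that is not Fortra’s or Greenbone’s code: it scans an application log for stack-trace lines containing SignedObject.getObject and attributes each hit to the nearest preceding timestamped record, and it adds a secondary heuristic over web access logs for the malformed Unlicensed.xhtml request path described above. The log formats, class names and hosts in the sample lines are constructed assumptions, not real GoAnywhere output.

```python
"""Hunt for the CVE-2025-10035 indicator Fortra describes (a stack trace
containing SignedObject.getObject) in GoAnywhere application logs, plus a
secondary heuristic over web access logs for the malformed
Unlicensed.xhtml request path. Added example; the log formats are
assumptions and the sample lines are constructed."""
import re

IOC_STRING = "SignedObject.getObject"
# Assumed application-log record shape: "YYYY-MM-DD HH:MM:SS LEVEL ...".
TIMESTAMP_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+(\w+)")
# Anything after "Unlicensed.xhtml/" is the malformed form described above;
# a plain request for Unlicensed.xhtml is ordinary and is not matched.
LICENSE_PATH_RE = re.compile(r'"GET /goanywhere/license/Unlicensed\.xhtml/\S')


def find_signedobject_errors(log_text):
    """Return one finding per line mentioning the IoC string, attributed to
    the last timestamped record seen before it (stack frames carry none)."""
    findings = []
    current = None   # (timestamp, level, full line) of the last record
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        m = TIMESTAMP_RE.match(line)
        if m:
            current = (m.group(1), m.group(2), line)
        if IOC_STRING in line:
            findings.append({
                "line": lineno,
                "timestamp": current[0] if current else None,
                "level": current[1] if current else None,
                "record": current[2] if current else line,
                "frame": line.strip(),
            })
    return findings


def find_malformed_license_requests(access_log_text):
    """Return access-log lines requesting Unlicensed.xhtml with an extra
    path segment. Treat hits as leads for review, not proof of compromise."""
    return [l for l in access_log_text.splitlines() if LICENSE_PATH_RE.search(l)]


# Constructed sample logs (class names, hosts and messages are placeholders).
SAMPLE_APP_LOG = """\
2025-09-20 10:01:13 INFO  AdminLogin - user admin authenticated
2025-09-20 10:02:45 ERROR LicenseServlet - Error parsing license response
java.io.InvalidClassException: placeholder message
\tat java.security.SignedObject.getObject(SignedObject.java)
\tat com.example.placeholder.LicenseServlet.doPost(LicenseServlet.java)
2025-09-20 10:03:00 INFO  Scheduler - nightly cleanup complete
"""

SAMPLE_ACCESS_LOG = """\
198.51.100.7 - - [20/Sep/2025:10:02:40 +0000] "GET /goanywhere/license/Unlicensed.xhtml/x? HTTP/1.1" 200 1337
198.51.100.9 - - [20/Sep/2025:10:05:02 +0000] "GET /goanywhere/license/Unlicensed.xhtml HTTP/1.1" 200 2048
198.51.100.9 - - [20/Sep/2025:10:05:05 +0000] "POST /goanywhere/somepage.xhtml HTTP/1.1" 302 0
"""

if __name__ == "__main__":
    for hit in find_signedobject_errors(SAMPLE_APP_LOG):
        print(f"{hit['timestamp']} {hit['level']} line {hit['line']}: {hit['frame']}")
    for req in find_malformed_license_requests(SAMPLE_ACCESS_LOG):
        print("review:", req)
```

Point the two functions at your real log files; the application-log scanner is the indicator Fortra names, while the access-log check only narrows down which requests to look at around the time of a hit.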

Summary

CVE-2025-10035 is a CVSS 10, maximum severity deserialization flaw in GoAnywhere MFT which may allow unauthenticated RCE. In 2023 attackers leveraged another CVE in GoAnywhere MFT for widespread exploitation, and national CERTs have issued alerts, signifying high risk. The OPENVAS ENTERPRISE FEED includes a version check to detect vulnerable instances in your infrastructure. End users should identify public-facing and locally deployed instances and patch with urgency.

Dr. Jan-Oliver Wagner

After many years at the helm of Greenbone, our co-founder, Dr. Jan-Oliver Wagner, is stepping down from active operational management. However, he will remain closely associated with the company as a consultant. We would like to thank Dr. Wagner for his extraordinary commitment and all that he has achieved for Greenbone since its foundation.

Elmar Geese

The new CEO is Elmar Geese, who has been part of Greenbone’s management team since 2019. With this change in leadership, we are focusing on continuity and stability for our customers, employees and shareholders.

CVE-2025-54236 (CVSS 9.1) is an account-takeover flaw that may result in unauthenticated remote code execution (RCE) under certain conditions. Dubbed “SessionReaper”, CVE-2025-54236 affects Adobe Commerce, Adobe Commerce B2B, and Magento Open Source web applications. The root cause is Improper Input Validation [CWE-20] in the REST API. Adobe’s official advisory describes the issue as a security feature bypass, although no further explanation is provided.

The exploit chain for CVE-2025-54236 starts with a nested deserialization vulnerability [CWE-502] and results in a malicious session for a customer account. Security researchers from Sansec claim that Remote Code Execution (RCE) is possible when file-based session storage is used and that other attack chains may also exist, such as RCE via Redis or database session storage. Blaklis is credited with the discovery and responsible disclosure of CVE-2025-54236 via the HackerOne platform.

A full technical description, PoC, or full exploit kits are not yet publicly available. However, France’s CERT-FR has issued a public advisory for the vulnerability. Greenbone’s OPENVAS ENTERPRISE FEED already includes a remote banner check to identify vulnerable systems and verify patch status.

Risk Assessment for CVE-2025-54236 (aka “SessionReaper”)

Magento Open Source (released in 2008) and its commercial counterpart Adobe Commerce are widely used e-commerce platforms. As of 2024, they power in the order of 200,000 to 250,000 live/active stores, putting Magento among the leading global e-commerce platforms. This wide usage makes it an attractive target for attackers.

Previous vulnerabilities in Magento have been leveraged in mass exploitation attacks within hours [1][2][3][4] of their disclosure. In this case, Adobe’s patch was accidentally leaked publicly, giving attackers a head start on developing exploit code. If exploited, attackers could install malware [T1105] in an attempt to covertly maintain persistent access [TA0003] to the victim’s infrastructure. This could lead to future attacks, such as stealing payment card information to make fraudulent transactions [T1657], stealing other sensitive information [TA0010], conducting phishing [T1566] attacks against customers of the website, or deploying ransomware against the victim [T1486].

Mitigating CVE-2025-54236 (aka “SessionReaper”)

CVE-2025-54236 affects Adobe Commerce, Adobe Commerce B2B, and Magento Open Source across multiple versions, as well as the Custom Attributes Serializable module on all platforms and deployment methods [1]. However, Adobe’s own knowledge base seems to provide contradictory information, stating that the Custom Attributes Serializable module versions 0.1.0 – 0.4.0 are affected, but also advises upgrading the module to version 0.4.0 or higher.

Users are advised to install the hotfix patch provided by Adobe or update to the latest version immediately to protect their online business operations and customers. Users should also conduct a thorough assessment to determine whether their instance has already been compromised and if found, remove the infection. Adobe has also released a developer guide to help users adjust to any necessary changes in the web application’s REST API. The OPENVAS ENTERPRISE FEED includes a remote banner check to identify vulnerable systems.

Summary

CVE-2025-54236 poses a critical risk to Magento and Adobe Commerce users. For attackers, the flaw enables account takeover and potentially unauthenticated RCE on a victim’s infrastructure. Defenders should identify vulnerable systems and patch them immediately. Greenbone’s OPENVAS ENTERPRISE FEED can help to identify vulnerable web applications and verify remediation status. IT security teams should also audit their systems to detect potential breaches and remove infections if any indicators of compromise (IoC) are found.

The August 2025 Threat Report underscores how quickly high-risk vulnerabilities can shift from disclosure to active exploitation. Citrix, Fortinet, N-able, and Trend Micro flaws were weaponized within days. Other critical flaws in highly targeted software, such as Microsoft Exchange, emerged. Mainstream enterprise applications, such as Docker Desktop, Git, and Zoom, were also exposed to new vulnerabilities this month. Let’s review some of the biggest cyber threats that emerged in August 2025.

Trio of High-Risk Citrix NetScaler CVEs: One Actively Exploited

Citrix alerted its customers to active exploitation of CVE-2025-7775 and two additional high-risk CVEs. All three affect NetScaler ADC and NetScaler Gateway in various configurations. So far, only CVE-2025-7775 has been added to CISA’s Known Exploited Vulnerabilities (KEV). Multiple National CERT alerts have been issued globally [1][2][3][4][5][6][7]. Users of affected products should patch with urgency.

  • CVE-2025-7775 (CVSS 9.8, EPSS ≥92nd pctl): A memory overflow [CWE-119] allows Remote Code Execution (RCE) or Denial of Service (DoS) when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
  • CVE-2025-6543 (CVSS 9.8): A memory overflow [CWE-119] leads to unintended control flow and DoS when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
  • CVE-2025-7776 (CVSS 8.8): A memory overflow [CWE-119] leads to unpredictable behavior and DoS when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, or RDP Proxy) with a PC-over-IP (PCoIP) profile. PCoIP is a remote display protocol used for virtual desktop access.

Another high-risk flaw affecting NetScaler ADC and Gateway, dubbed “CitrixBleed 2”, emerged in June 2025 and was actively exploited in ransomware attacks soon after disclosure. Greenbone’s OPENVAS ENTERPRISE FEED includes a remote version detection test for these three new CVEs, and for CitrixBleed 2.

Emergency Patch for Microsoft Exchange Hybrid Deployment

CVE-2025-53786 (CVSS 8.0) is a high-risk post-authentication privilege escalation flaw in Microsoft Exchange hybrid-joined configurations. In a hybrid deployment, an on-premises Active Directory (AD) domain is synchronized with a cloud-based Azure AD; devices and services are recognized by both. If exploited, CVE-2025-53786 allows an attacker with admin access to an on-premises Exchange Server to move laterally to Microsoft 365 Exchange Online [CWE-287] and potentially modify authentication processes for persistence [T1556.007].

Exploitation, including authentication bypass, lateral movement [TA0008], and data exfiltration [TA0010], was demonstrated at Black Hat 2025. Despite no observed exploitation in the wild, Microsoft has assigned a status of “Exploitation More Likely”. CISA has issued an Emergency Directive (ED 25-02) and warned that CVE-2025-53786 could result in total domain compromise across hybrid environments. Numerous government CERT agencies have also issued alerts [1][2][3][4][5][6][7]. The OPENVAS ENTERPRISE FEED includes two remote version detection tests to identify vulnerable instances of Microsoft Exchange [8][9].

Max-Severity Flaw in Cisco Secure Firewall Management Center

CVE-2025-20265 (CVSS 10) is an RCE flaw in Cisco Secure Firewall Management Center (FMC) physical and virtual appliances when RADIUS is configured for web-based management authentication or for SSH management access. The flaw is caused by improper input handling, which can result in command injection downstream in the authentication process [CWE-74]. Unauthenticated attackers may inject arbitrary shell commands and have them executed with elevated privileges.

Public exploit code or active attacks have not yet been observed. However, Cisco edge devices have historically been targeted by APT adversaries [1][2][3]. Given the edge placement of FMC deployments and the maximum CVSS score, CVE-2025-20265 warrants urgency. Cisco has published security patches; its advisory states that no workarounds exist, while also advising users that disabling RADIUS authentication is a temporary mitigation. Greenbone’s OPENVAS ENTERPRISE FEED includes a version detection test to remotely identify unpatched FMC devices.

FortiSIEM Exploited and Other High-Risk CVEs in Fortinet Products

Fortinet was the subject of several high-risk vulnerabilities in August. In total, 14 CVEs were issued for Fortinet products — six were rated CVSS High or Critical. Several national CERT advisories cover the three most critical CVEs from this group [1][2][3], while others address only the most severe — CVE-2025-25256 [4][5][6][7][8] — which has been flagged by Fortinet as actively exploited. The OPENVAS ENTERPRISE FEED includes a version check and active check to identify FortiSIEM devices vulnerable to CVE-2025-25256, and a family of vulnerability tests dedicated to Fortinet CVEs, including those mentioned below and others.

  • CVE-2025-25256 (CVSS 9.8, EPSS ≥95th pctl): Improper neutralization of special elements used in an OS command [CWE-78] allows an unauthenticated remote attacker to execute unauthorized commands via requests to the phMonitor service on TCP port 7900. Fortinet acknowledges active exploitation in the wild. A full technical description and proof-of-concept (PoC) exploit are available. FortiSIEM 5.4 and various sub-versions of FortiSIEM 6 and 7 are affected.
  • CVE-2024-26009 (CVSS 8.1): An authentication bypass using an alternate path or channel vulnerability [CWE-288] allows an unauthenticated attacker to take control of a managed device via malicious FortiGate to FortiManager Protocol (FGFM) requests. Exploitation requires a FortiGate device to be managed by FortiManager, and for the attacker to know the FortiManager’s serial number. Various versions of FortiOS, FortiPAM, and FortiSwitchManager are affected.
  • CVE-2025-52970 (CVSS 8.1): Improper handling of parameters [CWE-233] allows an unauthenticated remote attacker with possession of sensitive information for the target device and an existing user to log in as any user on the device via a specially crafted HTTP request. Various sub-versions of FortiWeb 7 are affected.

Two New N-Able CVEs Actively Exploited

Two new CVEs impacting N-able’s N-central present a high risk to organizations using the software. Both new CVEs have been added to CISA’s KEV list and national CERT alerts were issued by NCSC.nl [1], the Canadian Cyber Centre [2], and South Korea’s K-CERT [3]. N-central is a Remote Monitoring and Management (RMM) platform widely used to monitor and manage networks and systems. Although exploiting either vulnerability requires authentication, credential theft [TA0006], password reuse [T1078], insider threats, and other possible attack trajectories elevate risk.

  • CVE-2025-8876 (CVSS 8.8, EPSS ≥95th pctl): Unsanitized input is injected into OS shell commands [CWE-78], allowing RCE with the N-central application’s privileges.
  • CVE-2025-8875 (CVSS 7.8, EPSS ≥93rd pctl): Insecure deserialization of untrusted data [CWE-502] may allow attackers to craft object “gadget” chains for arbitrary RCE or unauthorized application state changes.

Versions of N-central prior to 2025.3.1 are affected. One day after the CVEs were published, Shadowserver reported ~1,000 unpatched N-central servers exposed on the internet. Two weeks later, most remain unpatched. The OPENVAS ENTERPRISE FEED can remotely detect vulnerable versions of N-central, allowing defenders to apply mitigations.

New Critical Trend Micro Apex One Flaw Under Attack

CVE-2025-54948 (CVSS 9.8, EPSS ≥94th pctl) and CVE-2025-54987 (CVSS 9.8, EPSS ≥63rd pctl) are unauthenticated RCE vulnerabilities affecting on-premises Trend Micro Apex One Management Console. Both CVEs represent the same flaw, but for different CPU architectures. The culprit is a pre-authentication OS-command-injection flaw [CWE-78] via malicious file upload. A compromised device gives attackers direct access to an organization’s security infrastructure. Successful exploitation requires either remote or physical access, making internet-exposed instances particularly high-risk. However, local network instances may also offer attackers an opportunity for lateral movement [TA0008] after they gain initial access [TA0001] to a victim’s network.

According to Trend Micro, active exploitation is underway and CISA has added CVE-2025-54948 to the KEV catalog, where it joins many other exploited Apex One flaws going back to 2021. National CERT advisories have been issued by government agencies globally [1][2][3][4][5]. Apex One (on-prem) 2019 (14.0) version 14.0.0.14039 and earlier are affected. Consult the official advisory for mitigation instructions and a custom tool that disables the Remote Install Agent function. Greenbone’s OPENVAS ENTERPRISE FEED includes a local detection test to identify affected endpoints.

Git Repository Cloning Flaw Actively Exploited

CVE-2025-48384 (CVSS 8.0, EPSS ≥88th pctl), published in early July 2025, has been added to CISA’s KEV and exploitation is considered trivial. The flaw is an arbitrary file write triggered by cloning a specially crafted repository with the recursive option, i.e. git clone --recursive <repo>, which fetches the repository’s sub-modules automatically. Git strips a trailing carriage return (CR) when it reads a configuration value but does not quote the value when it writes one, so a sub-module path that ends in CR is read back as a different path and the sub-module is checked out to an unintended location. If that location is a symbolic link into the .git directory, a hook script shipped in the sub-module lands where Git will execute it, turning the file write into RCE. Attackers must trick a victim into cloning a malicious Git repository to achieve exploitation.

A full technical description and exploits containing malicious .gitmodules files are already available online [1][2][3]. INCIBE-CERT has issued an alert [4] and CISA has added the CVE to its KEV list [5]. The flaw affects Git versions up to and including 2.50.0 and is fixed in 2.50.1 and in the corresponding patch releases of the older maintained branches. The OPENVAS ENTERPRISE FEED and COMMUNITY FEED include local package detection tests for CVE-2025-48384.
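As an added example (not from the original post or from the Git project), the following Python scanner parses a .gitmodules file the way a pre-clone check might and flags any sub-module name, path or url that carries a carriage return. The sample .gitmodules content is constructed for the example. A file that uses CRLF line endings throughout is not flagged, because Git strips that terminator on read; only a CR that survives as part of the value is suspicious.

```python
import re

# Constructed sample .gitmodules (not from a real repository): one benign entry
# and one whose quoted path smuggles a carriage return before the closing quote.
SAMPLE_GITMODULES = (
    '[submodule "libfoo"]\n'
    '\tpath = vendor/libfoo\n'
    '\turl = https://example.invalid/libfoo.git\n'
    '[submodule "evil"]\n'
    '\tpath = "hooks-target\r"\n'
    '\turl = https://example.invalid/evil.git\n'
)

SECTION_RE = re.compile(r'^\s*\[submodule\s+"([^"]+)"\]\s*$')
KEYVAL_RE = re.compile(r'^\s*([A-Za-z][A-Za-z0-9-]*)\s*=\s*(.*)$')


def parse_gitmodules(text):
    """Return {submodule_name: {key: raw_value}} from .gitmodules text.

    Lines are split on LF only, so a CR sitting just before the LF stays part
    of the value (Git's own reader would silently strip it). If the whole file
    uses CRLF line endings, that terminator is removed first so an ordinary
    Windows-style file does not produce findings.
    """
    crlf_file = "\n" in text and text.count("\r\n") == text.count("\n")
    modules, current = {}, None
    for line in text.split("\n"):
        if crlf_file and line.endswith("\r"):
            line = line[:-1]
        section = SECTION_RE.match(line)
        if section:
            current = section.group(1)
            modules.setdefault(current, {})
            continue
        keyval = KEYVAL_RE.match(line)
        if keyval and current is not None:
            modules[current][keyval.group(1).lower()] = keyval.group(2)
    return modules


def find_cr_injection(text):
    """List (module, field, raw_value) for every name, path or url containing CR."""
    findings = []
    for name, fields in parse_gitmodules(text).items():
        if "\r" in name:
            findings.append((name, "name", name))
        for key in ("path", "url"):
            value = fields.get(key, "")
            if "\r" in value:
                findings.append((name, key, value))
    return findings


def safe_to_clone_recursively(text):
    """True when no sub-module entry carries a carriage return."""
    return not find_cr_injection(text)


if __name__ == "__main__":
    for module, field, value in find_cr_injection(SAMPLE_GITMODULES):
        print(f'suspicious {field} in [submodule "{module}"]: {value!r}')
```

Run it against a repository’s .gitmodules after a plain (non-recursive) clone and before running git submodule update; any finding means the repository should be inspected by hand rather than recursed into.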

Container Escape in Docker Desktop for Windows and macOS

CVE-2025-9074 (CVSS 9.3) is a container escape vulnerability in Docker Desktop for Windows and macOS. Running a malicious container is enough for an attacker to gain unauthorized access to the host system. The Docker Engine API was found to be reachable from inside any container, without authentication, over TCP at 192.168.65.7:2375. Because this channel bypasses the normal socket restrictions, Docker’s Enhanced Container Isolation (ECI) does not prevent it. On Windows, attackers can mount the host file system and overwrite system DLLs to gain full administrative control; on macOS, host file system access is more limited due to OS-level safeguards. Linux installations are not affected. Docker Desktop 4.44.3 fixes the issue.

PoCs indicate that exploitation is trivial — just a few lines of Python or a simple HTTP request can compromise a vulnerable instance of Docker Desktop. A detailed technical write-up, existence of at least one public exploit, and Docker’s widespread use elevate the risk posed by CVE-2025-9074. The OPENVAS ENTERPRISE FEED includes a version detection test for Windows installations.
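The check a practitioner wants is whether a container they run can reach that endpoint at all. The following Python probe is an added example, not Docker’s code and not the published PoC: executed inside a container, it issues a single GET to the Engine API’s /version endpoint at the address named above and classifies the reply; it does not create containers or mounts. The fetch function is injectable so the classification can be tested with constructed responses. The Platform.Name format ("Docker Desktop x.y.z (build)") used to extract the Desktop version is an assumption based on the Server section of docker version output.

```python
import json
import re
import urllib.request
from urllib.error import URLError

# Address at which the write-up found the Engine API answering, unauthenticated,
# from inside any container on affected Docker Desktop releases.
ENGINE_VERSION_URL = "http://192.168.65.7:2375/version"

# Assumption: Docker Desktop reports itself in Platform.Name as
# "Docker Desktop <major>.<minor>.<patch> (<build>)", as shown by `docker version`.
DESKTOP_NAME_RE = re.compile(r"Docker Desktop (\d+)\.(\d+)\.(\d+)")


def http_get(url, timeout=3.0):
    """Real transport: return (HTTP status, body) or (None, '') when unreachable."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except (URLError, OSError):
        return None, ""


def parse_desktop_version(platform_name):
    """'Docker Desktop 4.43.1 (198134)' -> (4, 43, 1); None if the pattern is absent."""
    m = DESKTOP_NAME_RE.search(platform_name or "")
    return tuple(int(x) for x in m.groups()) if m else None


def assess(status, body):
    """Classify a reply from the Engine API's /version endpoint."""
    if status is None:
        return {"exposed": False, "reason": "engine API not reachable from this container"}
    if status != 200:
        return {"exposed": False, "reason": f"unexpected HTTP status {status}"}
    try:
        info = json.loads(body)
    except ValueError:
        return {"exposed": False, "reason": "reply is not JSON"}
    if not isinstance(info, dict) or "ApiVersion" not in info:
        return {"exposed": False, "reason": "reply is not an Engine /version document"}
    # Anything that answers /version here also accepts container and mount
    # requests without authentication, which is the problem behind CVE-2025-9074.
    platform = info.get("Platform") or {}
    return {
        "exposed": True,
        "api_version": info["ApiVersion"],
        "engine_version": info.get("Version"),
        "desktop_version": parse_desktop_version(platform.get("Name")),
    }


def probe(fetch=http_get, url=ENGINE_VERSION_URL):
    """Run the check; `fetch` is injectable so the logic can be tested offline."""
    status, body = fetch(url)
    return assess(status, body)


if __name__ == "__main__":
    print(json.dumps(probe(), indent=2))
```

An "exposed": true result from inside an unprivileged container means the host is running an affected Docker Desktop build and should be updated before that container image is trusted again.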

Critical Flaw in Zoom Client for Windows Allows Unauthenticated RCE

CVE-2025-49457 (CVSS 9.6) affects multiple Zoom products for Windows, including Zoom Workplace, VDI, Rooms, Rooms Controller and Meeting SDK, prior to version 6.3.10. The flaw is an untrusted search path vulnerability [CWE-426] caused by improper DLL path handling. Commonly called “DLL side-loading” (or DLL search-order hijacking), it arises when the Windows LoadLibrary() API is called with a bare file name instead of a fully qualified path: Windows then walks its default DLL search order (application directory, System32, the 16-bit System directory, the Windows directory, the current directory, then each PATH entry) and loads the first matching file it finds. If an attacker can place a DLL of that name in a directory searched before the genuine one, their code runs inside the process. CVE-2025-49457 is therefore especially dangerous in combination with social engineering [T1566] or insider threats, both of which remain prevalent in 2025. Successful exploitation yields arbitrary code execution and privilege escalation, potentially to the Windows SYSTEM level.
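To make the search-order issue concrete, here is an added Python model (not Zoom’s code) of how the loader resolves a LoadLibrary() call under SafeDllSearchMode, the Windows default: application directory, System32, the 16-bit System directory, the Windows directory, the current directory, then each PATH entry. The file layout, the per-user install directory and the set of directories treated as writable by a lower-privileged user are constructed for the example; "writable" means writable by a principal with less privilege than the loading process. It shows why a bare file name is at risk whenever a writable directory precedes the genuine DLL (or the DLL does not exist at all), and why a fully qualified path, or restricting the search to System32 with LoadLibraryEx(..., LOAD_LIBRARY_SEARCH_SYSTEM32), removes the problem.

```python
import ntpath

# Constructed layout (not a real host): Zoom installs per user under %APPDATA%,
# so the application directory is writable by that user; the loading process is
# assumed to run with higher privilege (service, installer) than that user.
APP_DIR = r"C:\Users\alice\AppData\Roaming\Zoom\bin"
SYSTEM_DIR = r"C:\Windows\System32"
WINDOWS_DIR = r"C:\Windows"
CWD = r"C:\Users\alice\Downloads"
PATH_DIRS = [r"C:\Windows\System32", r"C:\Tools"]

# DLLs that exist on the constructed host.
EXISTING_FILES = {
    r"C:\Windows\System32\version.dll",
    r"C:\Windows\System32\kernel32.dll",
}
# Directories a lower-privileged user can write to on the constructed host.
WRITABLE_DIRS = {APP_DIR, CWD, r"C:\Tools"}


def default_dll_search_order(app_dir, system_dir, windows_dir, cwd, path_dirs):
    """Order Windows searches for LoadLibrary("name.dll") with SafeDllSearchMode
    enabled (the default)."""
    return [
        app_dir,
        system_dir,
        ntpath.join(windows_dir, "System"),  # 16-bit system directory
        windows_dir,
        cwd,
        *path_dirs,
    ]


def _norm(path):
    return ntpath.normcase(ntpath.normpath(path))


def _is_fully_qualified(name):
    return ntpath.isabs(name) and bool(ntpath.splitdrive(name)[0])


def resolve_dll(requested, search_order, existing_files):
    """Path the loader would load for `requested`, or None if nothing is found.
    A fully qualified name is loaded from that location only; a bare name walks
    `search_order` and the first directory holding the file wins."""
    present = {_norm(f) for f in existing_files}
    if _is_fully_qualified(requested):
        return requested if _norm(requested) in present else None
    for directory in search_order:
        candidate = ntpath.join(directory, requested)
        if _norm(candidate) in present:
            return candidate
    return None


def sideload_risk(requested, search_order, existing_files, writable_dirs):
    """True if a lower-privileged user could make this call load their DLL:
    a writable directory is searched before (or is) the one the genuine DLL
    resolves from, so a planted copy there is picked up first. A DLL that is
    missing everywhere is at risk as soon as any searched directory is writable."""
    writable = {_norm(d) for d in writable_dirs}
    if _is_fully_qualified(requested):
        return _norm(ntpath.dirname(requested)) in writable
    resolved = resolve_dll(requested, search_order, existing_files)
    for directory in search_order:
        if _norm(directory) in writable:
            return True
        if resolved is not None and _norm(directory) == _norm(ntpath.dirname(resolved)):
            return False  # genuine DLL found before any writable directory
    return False


ORDER = default_dll_search_order(APP_DIR, SYSTEM_DIR, WINDOWS_DIR, CWD, PATH_DIRS)

if __name__ == "__main__":
    # LoadLibrary("version.dll"): app dir is searched first and is writable -> at risk
    print("bare name:", sideload_risk("version.dll", ORDER, EXISTING_FILES, WRITABLE_DIRS))
    # LoadLibraryEx("version.dll", NULL, LOAD_LIBRARY_SEARCH_SYSTEM32): only System32
    print("System32 only:", sideload_risk("version.dll", [SYSTEM_DIR], EXISTING_FILES, WRITABLE_DIRS))
    # LoadLibrary(r"C:\Windows\System32\version.dll"): fully qualified path
    print("fully qualified:", sideload_risk(r"C:\Windows\System32\version.dll", ORDER, EXISTING_FILES, WRITABLE_DIRS))
```

The same model explains why the combination with social engineering matters: the current directory and any user-writable PATH entry are part of the default order, so a victim opening a file from a folder the attacker also controls supplies the planted DLL.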

Malaysia’s MyCERT [1] and Hong Kong’s CERT-HK [2] have issued advisories. The issue is patched in Zoom version 6.3.10 and later. Although desktop applications such as Zoom support automatic updates, defenders should still verify patch status across their IT fleets rather than assume the updater has run. The OPENVAS ENTERPRISE FEED includes an active check to identify vulnerable Zoom applications.

Summary

The August 2025 Threat Report highlights new high-risk vulnerabilities across popular platforms. Defenders faced an intense month with new Citrix NetScaler flaws being actively exploited soon after CitrixBleed 2 was exposed, an emergency Microsoft Exchange patch, a maximum-severity Cisco Secure Firewall CVE, and emerging exploitation of Fortinet, N-able, and Trend Micro products. New Docker Desktop, Git, and Zoom vulnerabilities also add to this month’s list of threats. Greenbone’s OPENVAS SECURITY INTELLIGENCE reduces the burden on security teams by delivering fast and reliable detection and assurance on organization-wide patch levels.

Utrecht will be the central meeting point for the cybersecurity community on September 10 – 11, 2025. OPENVAS B.V. will make its first appearance at Cybersec Netherlands, marking an important milestone in expanding our local presence after establishing the Benelux office and fostering direct connections with customers and partners. The area is one of Europe’s most innovative hubs for digitization and IT infrastructure. With our presence, we strengthen this spirit of innovation and support companies in the region as a partner with comprehensive expertise, practical solutions, and a clear understanding of local market requirements.


A Strong Signal for the Benelux Region

“Regulatory requirements such as NIS2 are making many organizations recognize the importance of a proactive IT security strategy. At the same time, they value direct, in-person discussions about our solutions. Cybersec Netherlands provides the perfect platform for this,” explains Maurice Godschalk, Account Director at OPENVAS B.V. With its Dutch subsidiary, Greenbone strengthens its European presence and helps local institutions identify vulnerabilities early and mitigate risks effectively.

Tackling Today’s Challenges

The number of unpatched vulnerabilities in digital infrastructures is growing, and cybercriminals are exploiting known weaknesses faster than ever with the help of new technologies. At the same time, the increasing complexity of IT environments makes it challenging for many organizations to maintain a complete overview of their systems. Professional vulnerability management is therefore essential – the cornerstone for building strong and lasting cyber resilience.

Visit Us in Utrecht!

At Cybersec Netherlands, experts share practical approaches for organizations to sustainably improve their cyber resilience. Interactive sessions, live demonstrations, and specialist presentations encourage collaboration between companies, authorities, and cybersecurity professionals – helping to foster a shared culture of security.

Come and experience OPENVAS B.V. live at booth 11.E069, where you can learn more about our scalable and efficient vulnerability management solutions. Our local team, led by Maurice Godschalk, looks forward to engaging in discussions and providing tailored advice and hands-on insights into our technology.

Cybersec Netherlands marks the start of an exciting autumn of events. Over the next few weeks, Greenbone and its subsidiaries will be participating in numerous leading conferences, all with the same clear objective: to help organizations around the world stay secure.

CVE-2025-57819 (CVSS 9.8) is a new critical-severity CVE affecting FreePBX versions 15, 16 and 17 when the commercial EndPoint Manager (EPM) module is installed. A Private Branch Exchange (PBX) is a telephony system for routing voice calls, often bundled with additional services such as voicemail. CVE-2025-57819 is caused by insufficiently sanitized user input, resulting in SQL Injection [CWE-89] and authentication bypass [CWE-288]. According to the official advisory from Sangoma, exploitation can result in remote code execution (RCE) with root-level permissions on the underlying system. Active exploitation was reported on August 21, 2025, and CVE-2025-57819 was added to CISA’s Known Exploited Vulnerabilities (KEV) list.

RCE in FreePBX

Only partial technical reports have been published; proof-of-concept (PoC) exploits have not yet emerged. National CERT advisories have been issued by NCSC-NL and the Canadian Cyber Centre. The widespread deployment of FreePBX raises the potential risk posed by CVE-2025-57819. Greenbone’s OPENVAS ENTERPRISE FEED includes a remote banner detection to identify vulnerable versions of FreePBX. Let’s investigate the details surrounding this high-risk CVE.

Technical Details of Cyber Attacks Targeting CVE-2025-57819

Full technical details about the root cause of CVE-2025-57819 have not been published. Existing reports indicate the flaw is an SQL Injection [CWE-89] with privilege escalation to “potentially root level access” on the underlying FreePBX system [1]. The affected product is listed as FreePBX core. However, Sangoma’s official advisory implicates the commercial EndPoint Management (EPM) add-on module.

Internally, FreePBX stores web UI users and their password hashes in the MariaDB ampusers table [2]. Once attackers identify an input vulnerable to SQL Injection, they can read and write sensitive tables, including changing an administrator’s password to gain admin access to the web UI. SQL Injection against MariaDB can also be abused for arbitrary file creation (for example via SELECT ... INTO OUTFILE when the database user holds the FILE privilege), which is one route to dropping a web shell.

Inspection of the FreePBX installer shows that the asterisk service user is given ownership of the web-root directory [3]. This allows a malicious web shell to gain full control of the Asterisk PBX sub-system. In fact, IoCs (Indicators of Compromise) from breach analysis indicate that web shells are being used in attacks.

Risk Assessment for CVE-2025-57819 in FreePBX EPM Module

FreePBX is widely deployed by IT service providers specializing in enterprise VoIP to deliver hosted or on-premises voice solutions. FreePBX itself is an open-source, web-based interface for managing Asterisk, a voice-over-IP (VoIP) PBX. CVE-2025-57819 affects Sangoma FreePBX versions 15, 16 and 17 when the EndPoint Manager (EPM) module is installed and attackers can reach the Administrator interface. If the EPM module is not installed, or the FreePBX Administrator UI is not reachable by malicious actors, a system is not at risk.

There is strong evidence that the potential global impact of CVE-2025-57819 is high. The CVE’s critical CVSS severity implies that total compromise of a FreePBX host is possible via unsophisticated attacks. Furthermore, CVE-2025-57819 has a high EPSS in the ≥97th risk percentile of CVEs. A Shodan filter for the webpage title “FreePBX Administrator” shows more than 12,000 exposed instances. If even a fraction of these are using the commercial EPM module, there could be significant fallout from this vulnerability.

Real-world breaches leveraging CVE-2025-57819 have reportedly resulted in total control of the FreePBX system, which gives attackers many options for extending the attack. Follow-on activity may include:

  • Intercepting and monitoring SIP traffic, and collecting communication metadata, call recordings or voicemail [T1123]
  • Escalating to root-level privileges on the compromised Linux host [T1068]
  • Stealing sensitive data [T1005] that provides context for future social engineering, including phishing [T1566] or vishing [T1598.004] for credentials to the organization’s IT infrastructure
  • Establishing persistence [TA0003] and stealthy command and control (C2) over the FreePBX system [TA0011]
  • Moving laterally to other internal network systems [TA0008]
  • Deploying ransomware [T1486] and extorting the victim financially [T1657]

Mitigating CVE-2025-57819 in FreePBX

According to Sangoma’s official advisory, complete mitigation requires upgrading FreePBX core to version 15.0.66, 16.0.89 or 17.0.3, and the commercial EPM module to the corresponding fixed release (16.0.88.19 for FreePBX 16, 17.0.2.31 for FreePBX 17), or applying the interim --edge build if advised by the vendor. Users who cannot upgrade can reduce their risk by restricting access to the FreePBX Administrator UI to trusted source IP addresses. Greenbone’s OPENVAS ENTERPRISE FEED includes a remote banner detection to identify vulnerable versions of FreePBX.

Observed IoCs include arbitrary file creation with filenames such as .clean.sh, monitor.php, backend.php, .conf_, and modified /etc/freepbx.conf configuration files [1][2]. These IoCs indicate that PHP web shells are used to execute OS commands. Breach forensic analysis has also uncovered evidence of persistence mechanisms and stealthy log-scrubbing techniques. Users should assume compromise has taken place if modified configuration files, suspicious PHP files, or rogue database users are detected.
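The following Python triage script is an added example (not from Sangoma or the cited reports) that turns those IoCs into checks a responder can run over collected artefacts: it matches the reported filenames in a file listing, compares /etc/freepbx.conf against a baseline hash, flags PHP files that pass request data straight into a command-execution or eval function (a generic web-shell heuristic of ours, not a signature from the reports), and lists ampusers rows outside the known administrator set. The file listing, PHP sources, configuration text and database rows are all constructed sample data.

```python
import hashlib
import re

# Filenames reported as IoCs in the breach analyses cited above.
IOC_FILENAMES = {".clean.sh", "monitor.php", "backend.php", ".conf_"}

# Heuristic web-shell marker (ours, not from the reports): request data fed
# straight into a command-execution or code-evaluation function, or the classic
# eval(base64_decode(...)) loader.
WEBSHELL_RE = re.compile(
    r"\b(?:eval|assert|system|shell_exec|passthru|exec|popen|proc_open)\s*\(\s*"
    r"(?:base64_decode\s*\(\s*)?\$_(?:GET|POST|REQUEST|COOKIE)\b"
    r"|\beval\s*\(\s*base64_decode\s*\(",
    re.IGNORECASE,
)

# Known-good /etc/freepbx.conf captured at install time or from the last trusted
# backup (constructed content; only its hash is used by the check).
BASELINE_CONF = (
    "<?php\n"
    "$amp_conf['AMPDBUSER'] = 'freepbxuser';\n"
    "$amp_conf['AMPDBPASS'] = 'REDACTED';\n"
    "$amp_conf['AMPDBHOST'] = 'localhost';\n"
    "require_once('/var/www/html/admin/bootstrap.php');\n"
)
BASELINE_CONF_SHA256 = hashlib.sha256(BASELINE_CONF.encode()).hexdigest()

# Administrator accounts that are supposed to exist in ampusers (constructed).
EXPECTED_ADMINS = {"admin"}


def find_ioc_files(paths):
    """Paths (e.g. from `find / -xdev -type f`) whose basename is a reported IoC."""
    return [p for p in paths if p.rsplit("/", 1)[-1] in IOC_FILENAMES]


def find_webshells(php_sources):
    """php_sources: {path: source text}. Paths whose source matches the heuristic."""
    return [path for path, src in php_sources.items() if WEBSHELL_RE.search(src)]


def config_changed(current_text, baseline_sha256=BASELINE_CONF_SHA256):
    """True if /etc/freepbx.conf no longer matches the trusted baseline hash."""
    return hashlib.sha256(current_text.encode()).hexdigest() != baseline_sha256


def rogue_db_users(ampusers_rows, expected=EXPECTED_ADMINS):
    """Rows from `SELECT username, sections FROM ampusers` not in the expected set."""
    return [row for row in ampusers_rows if row["username"] not in expected]


def triage(paths, php_sources, current_conf, ampusers_rows):
    """Combine the checks; any non-empty finding means assume compromise."""
    findings = {
        "ioc_files": find_ioc_files(paths),
        "webshells": find_webshells(php_sources),
        "config_modified": config_changed(current_conf),
        "rogue_db_users": [r["username"] for r in rogue_db_users(ampusers_rows)],
    }
    findings["compromised"] = bool(
        findings["ioc_files"] or findings["webshells"]
        or findings["config_modified"] or findings["rogue_db_users"]
    )
    return findings


# Constructed sample host state for a run-through.
SAMPLE_PATHS = [
    "/var/www/html/admin/config.php",
    "/var/www/html/admin/modules/endpoint/monitor.php",
    "/tmp/.clean.sh",
]
SAMPLE_PHP = {
    "/var/www/html/admin/config.php": "<?php include 'bootstrap.php'; ?>",
    "/var/www/html/admin/modules/endpoint/monitor.php": "<?php @system($_POST['c']); ?>",
}
SAMPLE_CONF = BASELINE_CONF + "@include('/tmp/.conf_');\n"
SAMPLE_AMPUSERS = [
    {"username": "admin", "sections": "*"},
    {"username": "support_tmp", "sections": "*"},
]

if __name__ == "__main__":
    for key, value in triage(SAMPLE_PATHS, SAMPLE_PHP, SAMPLE_CONF, SAMPLE_AMPUSERS).items():
        print(f"{key}: {value}")
```

Filenames such as monitor.php and backend.php are generic, so a filename hit on its own is a lead to examine, not proof; a hit on the web-shell heuristic or an unexpected ampusers row is far stronger, and the checks are meant to be read together.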

Summary

CVE-2025-57819 poses a high-severity risk to organizations running FreePBX with the commercial EPM module. Evidence shows exploitation can result in unauthenticated RCE with root permissions and full system takeover. Due to the sensitive nature of voice communications, there is potential for surveillance or VoIP DoS. An estimated 12,000+ FreePBX instances are exposed. Administrators should verify their use of the commercial EPM module and urgently patch both FreePBX and the EPM module. Further protection can be gained by restricting access to the Administrator UI, and IT security teams should hunt for IoCs on vulnerable systems.

Starting August 2025, businesses and public administrations must implement the initial provisions of the EU AI Act; a new era of responsibility in dealing with artificial intelligence begins. Because the AI Act demands not only technical adjustments but a fundamental rethink, AI systems will in future be assessed in a more differentiated way, according to their risk and use case. This applies above all to AI that reaches into sensitive areas of life or processes personally identifiable data.

For organizations, this means: They have to grapple intensively with the ecosystem surrounding their AI-systems, detect risks early, and address them deliberately. Transparency on underlying data, comprehensible models, and human supervision are no longer optional; they are mandatory. Simultaneously, the AI Act offers a valuable framework to build trust and, in the long run, use AI safely and responsibly. Vulnerability management and cybersecurity are not exempt from this.

AI Interview with Cybersecurity Experts

We have interviewed Kim Nguyen, Senior Vice President of Innovation at the German Federal Printing Office (Bundesdruckerei) and seasoned leader and face of their Trusted Services, on the topic of AI, regulation, and the impact on cybersecurity. Additionally, Greenbone CMO Elmar Geese gives a forecast on the future of vulnerability management.

Kim Nguyen, Senior Vice President of Innovation at the Bundesdruckerei

Greenbone: Kim, the topic of AI is on everyone’s lips right now, especially at events like the recent Potsdam Conference on National Cybersecurity (Potsdamer Konferenz für Nationale Cybersecurity). And you are in the thick of the public discourse.

Nguyen: Yes, I cannot deny that the topic of AI is very dear to my heart, as you can tell by looking at my publications and keynotes on the topic. But my approach is a bit different than that of others. It places emphasis on trust and has many different dimensions, one of which is benevolence. That means the well-being of individual users needs to be in focus at all times. Users assume the system operates in their best interest, not in pursuit of an unknown agenda.

Greenbone: What do you think, will cybersecurity as a whole become more secure with AI, or less?

Nguyen: Of course, artificial intelligence has long reached cybersecurity – as a risk and as a chance: On one hand, it increases the attack vector, as cyber-criminals can accelerate, automate, and aim their attacks better. On the other hand, it can help harden defenses, for example, by analysing real-time data from different security sources to automatically identify security incidents and react accordingly.

“A Cat-and-Mouse Game”

To keep up in this cat-and-mouse game between attackers and defenders, you have to rely on AI, especially for defense. Government regulation is crucial here, as without appropriate legislation and technical standards, no one could know what is permitted and trustworthy and what is not.

Moreover, lawmakers must continue to actively intervene in these highly dynamic technical developments to ensure legal certainty and clear guidance. Finding the right measures and simultaneously leaving slack to encourage innovation and allow AI to be an enabler is not easy, but immensely important.

Greenbone: What do you regard as the most important questions/regulations in the EU AI Act and regulations that organizations have to face? What else is coming our way? What are big institutions like the Federal Printing Office doing to prepare?

Nguyen: With the AI Act, organizations must classify their AI systems in a risk-based manner and fulfill different requirements regarding transparency, data quality, governance, and security, depending on the classification – especially for high-risk applications.

However, it is not just about assuring compliance, but utilizing the regulatory framework as a strategic lever for trustworthy innovation and sustainable competitiveness. It is not sufficient to focus strictly on an appropriate AI model. Integration, training of the model, and educating users are just as important. Comprehensive security guidelines – so-called “guard rails” – must be set up to ensure the system does not undertake any unauthorized processes.

“Well-Practiced Processes Bring Replicability, Robustness and Transparency to the Foreground”

The Printing Office, as a federal technology company, has been active in the high-security sector for years. We enact well-attuned processes and structures to bring replicability, robustness, and transparency to the foreground and bring trust in different AI solutions to administrations. With the AI Competence Center, we support federal agencies and ministries in developing AI applications. We have built the platform PLAIN, which offers a shared infrastructure for data and AI-applications with the Federal Foreign Office, and we developed an AI-assistant, Assistant.iQ, that meets the administration’s requirements for data security, traceability, and flexibility.

Greenbone: Open Source is a minimum requirement for trust in software, IT, and cybersecurity – is that even possible for AI, and if so, to what degree?

Nguyen: Open Source is an important topic in AI, as it can provide the necessary trust by reviewing code and models. This requires results to be examinable and verifiable, which necessitates a community that actively cares and participates.

The Open Source approach of many projects is ambitious and admirable, but many projects do not get sufficiently maintained over time or come to a standstill all together. In any case, you have to look closely when it comes to the topic of Open Source and AI. In other words: Not all Open Source is created equal. When AI developers publish under an open-source license, that does not mean you get an open-source AI.

For a start, the numerical values, so-called weights of an AI model, are very important, as they determine how it processes input and makes decisions. Then you have to consider the training data – which is often not disclosed to customers and users. Only with them can one arrive at an assessment of how transparent, trustworthy, and reproducible an open source model really is. Only when the complete knowledge behind different models is freely available, viable ideas can be built upon that foundation and lead to innovation.

Greenbone: What is missing to enable the safe deployment of AI? What do we have to change?

Nguyen: Safe deployment of AI requires, in addition to technical excellence, an appropriate mindset for development, governance, and responsibility. Concretely, we have to keep the principle of “Security by Design” in mind from the very start. What this means: Developers must always systematically examine what could go wrong and integrate those risks early on in the blueprint and architecture of the model.

Equally important is the transparency across the edges of AI-systems: Language models currently only function reliably within certain contexts – outside of their training domain, they may deliver plausible, but potentially erroneous results. Developers should therefore clearly communicate where their model works reliably and where it fails.

Mindset, Context, and Copyright

If we do not want to experience major trust and compliance issues, we must not neglect questions about copyright and training data. Then, you need clear test data, an appropriate evaluation infrastructure, and ongoing monitoring of bias and fairness.

A balanced combination of legal regulation, technical self-commitment, and fast reacting governance is the key to an AI allowing one to protect democratic values and take technological responsibility.

Greenbone: Do you believe the EU has a competitive advantage?

Nguyen: Yes, the EU has a real advantage in the global AI competition – and it is rooted in trust. Other regions primarily bet on speed and market dominance – and in doing so, as recently happened in the U.S., largely absolve tech giants of responsibility for societal risks. By contrast, Europe establishes a downright exemplary model with the AI Act, relying on security, data protection, and a human-centered approach to development.

Precisely because AI is increasingly entering sensitive areas of life, protection of personal data and the enforcement of democratic values are becoming increasingly crucial. With its governance structure, the EU is building mandatory standards that many countries and organizations around the world look toward. This focus on values will pay off for Europe in the long run – specifically in the export of technology and the strengthening of societal trust in democracy and systems on-site.

Especially in the development of human-centered AI, Europe is a trailblazer. However, regulation must not become a hindrance to innovation: Trust and security must go hand in hand with readiness to invest, technological openness, and fast implementability. Europe can set standards – and build up a unique, competitive AI-identity.

Greenbone-CMO Elmar Geese on AI in Vulnerability Management

Greenbone: Mr. Geese, AI is on everyone’s lips – what changes does AI bring to vulnerability management?

Geese: I think AI is going to support us a lot, but it can never replace vulnerability management fully. Although AI can take care of time-intensive routine tasks like, for example, the evaluation of large quantities of data, finding patterns, and making suggestions for prioritization, security teams must stay in charge of final decisions and stay in control, especially in complex and critical cases where human understanding of context is invaluable.

The purposeful usage – with careful judgement and planning – in vulnerability management brings numerous advantages, without having to relinquish control completely. We are already using AI today to provide a better product to our customers, completely without relaying client data to big AI service providers. Our “trustworthy AI” works completely without the transfer and central collection of data.

Greenbone: What risks do you have to consider?

Geese: According to today’s state of technology, the use of AI in security-critical areas has several risks that need to be contained. Automation creates many chances, but also risks like flawed decision making, new attack vectors, or unintended system effects. An AI with “measured judgment” combines human and machine strengths, such that technological advantages like speed and scalability can be harnessed, without disempowering technical staff or taking security risks.

Greenbone and AI

Greenbone counts on the purposeful use of artificial intelligence to efficiently detect vulnerabilities in the IT-sector and support priorities. All the while, the security teams stay responsible and in control at all times, especially when it comes to sensitive and complex decisions. Data protection always takes top priority for us: Customer data will never be transferred to external AI companies.

Our approach combines the advantages of modern technology with human reasoning – for contemporary and responsible cybersecurity.

Contact us for further information.


On August 27, more than 20 security agencies published a Cybersecurity Advisory with the title “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System”.


Publishing authorities included:

  • United States National Security Agency (NSA)
  • United States Cybersecurity and Infrastructure Security Agency (CISA)
  • United States Federal Bureau of Investigation (FBI)
  • Germany Federal Intelligence Service (BND) – Bundesnachrichtendienst
  • Germany Federal Office for the Protection of the Constitution (BfV) – Bundesamt für Verfassungsschutz
  • Germany Federal Office for Information Security (BSI) – Bundesamt für Sicherheit in der Informationstechnik

plus many more.

This is bad news. The good news is that Greenbone customers using the OPENVAS products are able to detect all vulnerabilities listed in the advisory:

  1. CVE-2024-21887 – Ivanti Connect Secure and Ivanti Policy Secure web-component command injection vulnerability, commonly chained after CVE-2023-46805 (authentication bypass).
  2. CVE-2024-3400 – Palo Alto Networks PAN-OS GlobalProtect arbitrary file creation leading to OS command injection. The CVE allows for unauthenticated remote code execution (RCE) on firewalls when GlobalProtect is enabled on specific versions/configurations.
  3. CVE-2023-20273 – Cisco Internetworking Operating System (IOS) XE software web management user interface flaw enabling post-authentication command injection/privilege escalation [T1068], commonly chained with CVE-2023-20198 for initial access to achieve code execution as root.
  4. CVE-2023-20198 – Cisco IOS XE web user interface authentication bypass vulnerability.
  5. CVE-2018-0171 – Cisco IOS and IOS XE smart install remote code execution vulnerability.

We strongly advise our customers to scan their systems and, where affected, apply the vendor patches referenced in the advisory.