SecOps & Vulnerability Research Blog

Practitioner-grade security research, written by people who've been in the trenches.

Vulnerability Research

Why CVSS Alone Can't Tell You Which Vulnerabilities Actually Matter

CVSS is useful, but it is not the same thing as priority. Learn how exploitability signals, exposure indicators, configuration drift, and asset context can improve vulnerability prioritization.

Chris Seymour, Co-Founder, Principal
Apr 20, 2026 10 min read

Latest Research

Vulnerability Research

Configuration Drift: The Hidden Reason Your Vulnerability Priorities Keep Changing

Configuration drift can quietly change vulnerability priority. Learn why exposure indicators, permissions, controls, and configuration evidence should inform remediation decisions.

Alex Gibson
Apr 21, 2026 11 min read
Vulnerability Research

How to Reduce False Positives in Vulnerability Management Without Ignoring Real Risk

False positives and false urgency waste security and engineering time. Learn how context-aware vulnerability management helps teams reduce noise with stronger evidence, exploitability signals, and remediation context.

Chris Seymour
Apr 22, 2026 12 min read
Vulnerability Research

CVSS vs. EPSS: Why Exploit Probability Still Needs Business Context

CVSS and EPSS are both useful vulnerability prioritization signals, but neither tells the full risk story alone. Learn how context turns severity and exploit probability into actual risk decisions.

Alex Gibson
Apr 23, 2026 11 min read
AI & Security

AI Alert Triage: How Security Teams Cut Through Noise and Remediate Faster

Learn how AI alert triage helps SecOps teams reduce noise, prioritize real threats, and move from manual investigation to faster remediation without losing human control.

Alex Gibson
Apr 24, 2026 12 min read
AI & Security

AI-Generated Remediation Scripts: How Security Teams Can Fix Vulnerabilities Faster Without Losing Control

AI-generated remediation scripts can help security teams move faster from vulnerability detection to action. Learn how to use AI safely for patching, mitigation, configuration fixes, and SecOps workflows.

Chris Seymour
Apr 25, 2026 13 min read
AI & Security

Machine Learning in Endpoint Telemetry: How SecOps Teams Turn Signals Into Faster Remediation

Learn how machine learning in endpoint telemetry helps SecOps teams detect suspicious behavior, reduce alert noise, connect vulnerabilities to active risk, and accelerate remediation.

Alex Gibson
Apr 26, 2026 13 min read
AI & Security

Human-in-the-Loop AI in SecOps: What to Automate and What to Keep Under Human Control

Learn where AI should automate SecOps workflows, where human approval should remain, and how security teams can use human-in-the-loop AI to remediate threats faster without losing control.

Chris Seymour
Apr 27, 2026 13 min read
AI & Security

AI SOC Agents vs. SOAR: Why SecOps Automation Needs Context, Not Just Playbooks

Traditional SOAR platforms automate predefined playbooks, but AI SOC agents can reason across alerts, vulnerabilities, assets, telemetry, and remediation context.

Alex Gibson
Apr 28, 2026 13 min read
Vulnerability Research

Why Your CVE Scanner Is Flying Blind: A Technical Deep-Dive Into Context-Aware Vulnerability Assessment

Legacy scanners match version numbers to CVE IDs without checking execution paths or configs. This approach generates massive false positive rates. Here is what actually works.

Marcus Webb
Mar 12, 2025 12 min read
Threat Intelligence

The Osquery Handbook: 47 Queries Every SecOps Team Should Have Running

A definitive guide to turning your endpoints into high-performance relational databases without tanking CPU.

Priya Nair
Mar 3, 2025 18 min read
AI & Security

Gemini vs. GPT-4 for Security Analysis: What We Learned Running 10,000 Test Cases

When the stakes are zero-day exploits, hallucination isn't an option. Here's how the leading models perform on real-world telemetry.

Dr. Sarah Chen
Feb 22, 2025 9 min read
Compliance

SOC 2 Type II in 90 Days: The Technical Roadmap That Actually Works

Skip the consultants. Here is the exact technical infrastructure and policy mapping we used to achieve SOC 2 Type II.

Alex Reyes
Feb 10, 2025 14 min read
Incident Response

Alert Fatigue Is a Design Problem, Not a People Problem

Why blaming analysts for missing alerts is a failure of leadership, and how to fix the underlying data pipelines.

Marcus Webb
Jan 28, 2025 7 min read
Vulnerability Research

CVSS Is Broken. Here's What We Use Instead.

A 9.8 score means nothing if the service isn't externally reachable. How to implement context-aware risk scoring.

Marcus Webb
Jan 14, 2025 11 min read
Threat Intelligence

How a Misconfigured Crontab Became a Lateral Movement Vector: Anatomy of a Real Attack

A technical teardown of how attackers chained a low-severity misconfiguration into domain admin access.

Priya Nair
Dec 20, 2024 8 min read

Explore Topics

AI Security, Osquery, CVSS, EPSS, Risk-Based Prioritization, Context-Aware Scanning, Incident Response, Lateral Movement, CVE Analysis, Threat Modeling, Blue Team, Signal vs. Noise, AI Alert Triage, AI Threat Remediation, Automated Security Triage, AI-Generated Remediation, Security Automation, Endpoint Telemetry, Machine Learning, Human-in-the-Loop AI, SecOps Automation, AI SOC Agents, SOAR Automation
