
Compliance
How We Know Our Automated Patching Works
Alfred Hall, Chief Technical Officer
03.06.26
4 min read
Learn how Nanitor uses its own CTEM platform to independently verify that automated patching worked — with a real incident timeline, ISO 27001 controls, and a full audit trail.
Read more
Cybersecurity
Nanitor earns Cybersecurity Made in Europe label
Rósa Stefánsdóttir, Chief Marketing Officer
07.05.26
3 min read
ECSO has awarded Nanitor the Cybersecurity Made in Europe label, independent confirmation that Nanitor is a European, Iceland-headquartered cybersecurity vendor
Read more
CybersecurityExposure Management
Security Metrics Getting Better But Security Might Not Be
Jon Taylor, Chief Operating Officer
28.04.26
5 min read
Windows hotpatch will compress days-to-patch and reboot counts in May 2026. Why those security metrics are losing meaning, and what CTEM measures instead.
Read more
CybersecurityExposure Management
Mythos and the Asset You Don't Know You Own: What the AI Vulnerability Storm Means
Jon Taylor, Chief Operating Officer
21.04.26
6 min read
A coalition of the Cloud Security Alliance, SANS, OWASP, and the wider security community has released a strategy briefing every security team should read this quarter. The message is not panic. It is preparation, and it points directly at the muscle your programme should already be building.
Read more
Cybersecurity
Luck Is Not Hardening: Why CIS Checks Require Deliberate Configuration
Jon Taylor, Chief Operating Officer
07.04.26
4 min read
There is a quiet assumption in many IT environments that passing a security benchmark means you are secure. A system gets assessed against CIS benchmarks, the numbers come back green, and everyone moves on. But the critical question rarely gets asked: did we configure this system to pass, or did it just happen to? The difference matters enormously. And in most organizations, the honest answer is uncomfortable.
Read more
Cybersecurity
Our Partners Deserve Better - That's Why We Built the Nanitor Partner Portal
Inga María Backman, Chief Sales Officer
30.03.26
3 min read
Today, I'm excited to share that we're launching the Nanitor Partner Portal - live now at partners.nanitor.com. It's built designed specifically to give our partner community a proper home: a place where you have the resources, visibility, and support you need to be successful with Nanitor.
Read more
Exposure ManagementVulnerability Management
Why Vulnerability Management Is No Longer Enough - And What Comes Next
Inga María Backman, Chief Sales Officer
20.02.26
4 min read
Vulnerability management identifies weaknesses. Exposure management prioritises the weaknesses most likely to be exploited. Organisations that understand this difference make faster, more defensible security decisions.
Read more
Cybersecurity
Announcing Nanitor Partner of the Year 2025: VISO
Inga María Backman, Chief Sales Officer
27.01.26
2 min read
We are delighted to recognize VISO as Nanitor Partner of the Year 2025. VISO stood out for their exceptional growth, deep engagement with the Nanitor platform, and their ability to translate Continuous Threat Exposure Management (CTEM) into tangible outcomes for customers. Their team has consistently demonstrated what it looks like to build modern cybersecurity services around clarity, prioritization, and measurable risk reduction.
Read more
Exposure ManagementMSSPVulnerability Management
From Alert Fatigue to Exposure Clarity: Starting the Year with Fewer, Better Security Decisions
Richard Daly, Partner Lead UK & Ireland
07.01.26
3 min read
Instead of a clean slate, the year often begins with the same pressure as the last one ended: too many alerts, too many dashboards, and too many decisions competing for attention. The problem isn’t a lack of effort or expertise. It’s that everything feels urgent at once - and when that happens, prioritisation quietly breaks down. This is what alert fatigue really looks like in practice. And it’s not a personal failure. It’s a structural one.
Read more
CybersecurityCybersecurity
Year in Review: What Building for Real Security Teams Has Taught Us and what AI means in 2026
Rósa Stefánsdóttir, Chief Marketing Officer
16.12.25
4 min read
As cybersecurity teams close out 2025, many find themselves facing a familiar paradox: more data, more tools, and more alerts - but no corresponding sense of clarity or control. At the same time, artificial intelligence has become the dominant narrative in security, often positioned as a solution to problems that are fundamentally operational in nature. We sat down with Gunnsteinn Hall, Chief Product Officer at Nanitor, to reflect on what 2025 revealed about the realities of managing cyber risk today, where AI is already delivering value, and why a more grounded, continuous approach to exposure management will matter even more in 2026.
Read more
CybersecurityExposure Management
Why Nanitor Is the Challenger to Watch in Exposure Assessment
Jon Taylor, Chief Operating Officer
13.11.25
3 min read
When Gartner released its first Magic Quadrant for Exposure Assessment Platforms in November 2025, it validated a philosophy Nanitor has championed for years: exposure management is the future. The report's core criteria (prioritization, context, and a unified view) are the very DNA of Nanitor's platform. While the MQ focused on 20 legacy vendors, the true innovation is happening with challengers who built for this new reality from day one. Nanitor is leading that charge.
Read more
Cybersecurity
Use Slack + Nanitor To Make Cybersecurity More Visible for Everyone
Alfred Hall, Chief Technical Officer
08.10.25
5 min read
Cybersecurity too often lives behind locked doors. Dashboards are hidden away in specialized tools, and only a handful of people know the status at any given time. But awareness of security risks shouldn’t be limited to the IT department.
Read more
ComplianceCybersecurity
How Nanitor Helps CISOs Align with the NIST Cybersecurity Framework (CSF)
Richard Daly, Partner Lead UK & Ireland
24.09.25
2 min read
The NIST Cybersecurity Framework (CSF) has long been a cornerstone for organizations seeking to strengthen cyber resilience. With version 2.0, NIST has expanded the framework to six core functions - Govern, Identify, Protect, Detect, Respond, and Recover - giving CISOs and business leaders a structured way to manage risk and demonstrate accountability.
Read more
Cybersecurity
Operational CTEM, Not Just Theory: Interview with CEO Heimir Fannar Gunnlaugsson
Rósa Stefánsdóttir, Chief Marketing Officer
24.07.25
5 min read
In this SafetyDetectives interview, Heimir Fannar Gunnlaugsson Nanitor CEO shares how Nanitor cuts through the noise of cyber risk, why smart prioritization beats chasing CVEs, and what’s next for the company as it doubles down on AI, integrations, and actionable security.
Read more
Cybersecurity
What is CTEM? A Non-Technical Guide to Continuous Threat Exposure Management
Inga María Backman, Chief Sales Officer
22.07.25
4 min read
In boardrooms and executive meetings across the world, the same fear is echoing louder than ever: Are we really protected against a cyberattack? The cost of a breach? Millions in damage, loss of trust, and operational disruption. For many executives, it's not just about compliance anymore—it’s about survival. And here's the hardest part: Traditional cybersecurity approaches are falling short. Most leaders simply don’t have a clear answer to the question: Where are we exposed, and what should we fix first? That’s where CTEM—Continuous Threat Exposure Management—comes in.
Read more
Compliance
Why Nanitor’s CTEM Platform Outperforms Legacy Assessments for NCSC CAF Compliance
Gunnsteinn Hall, Chief Product Officer
16.07.25
4 min read
Traditional tools approach NCSC CAF compliance as a checklist—something to audit and file away. Nanitor flips that approach. Our Continuous Threat Exposure Management (CTEM) platform provides ongoing, evidence-backed assurance of your cybersecurity posture—aligning directly with the spirit and continuous improvement intent of the NCSC Cyber Assessment Framework (CAF).
Read more
Compliance
From Scan Lists to Security Gains: Why Nanitor’s CTEM Platform Outperforms legacy assessments for NCSC CRA and DSPT Compliance
Gunnsteinn Hall, Chief Product Officer
31.05.25
4 min read
As the Chief Product Officer (CPO) of Nanitor, I’m proud to share how our Continuous Threat Exposure Management (CTEM) platform is uniquely positioned to help organizations not only assess but continuously improve their cybersecurity posture in alignment with the UK’s National Cyber Security Centre (NCSC) Cyber Resilience Assessment (CRA) and the Data Security and Protection Toolkit (DSPT).
Read more
Cybersecurity
How CTEM Integrates TEM, CAASM, and Cyber GRC
Jon Taylor, Chief Operating Officer
01.04.25
5 min read
The cybersecurity landscape is more complex than ever. Organizations face an overwhelming number of security tools, yet cyber threats continue to escalate. Many businesses rely on disconnected solutions that create security gaps rather than filling them. To combat these challenges, businesses need a framework integrating multiple strategies into a single, continuous process.
Read more
Compliance
How Nanitor's CTEM Platform Ensures Seamless Compliance with DORA
Chris Ayliffe, Chief Marketing Officer
14.08.24
3 min read
Nanitor's Continuous Threat Exposure Management (CTEM) platform is designed with DORA's requirements at its core. The platform provides a comprehensive solution for financial institutions to manage and mitigate ICT risks, ensuring they meet the compliance criteria set out by DORA.
Read more
Compliance
How Nanitor Supports NIS2 Compliance
Chris Ayliffe, Chief Marketing Officer
24.07.24
3 min read
The European Union's NIS2 Directive is set to become a cornerstone of cybersecurity standards, particularly for critical infrastructure companies. Officially known as “Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union,” NIS2 replaces the old NIS directive and comes into full effect on October 18, 2024.
Read more
Cyber Exposure Alerts
Leveraging Nanitor's CTEM Platform to Mitigate the Risk of Cyber Attacks
Chris Ayliffe, Chief Marketing Officer
12.07.24
3 min read
Ticketmaster's recent data breach has sent shockwaves across North America, with emails urging customers to safeguard against identity theft and fraud. The breach, which took place in May, saw the personal details of 560 million customers stolen by cyber criminals.
Read more
Cybersecurity
Strengthening Your Cyber Defenses: Nanitor's Guide to Ransomware Protection
Jon Taylor, Chief Operating Officer
03.07.24
3 min read
At Nanitor, we know that having a solid cybersecurity program is crucial for keeping your systems and data safe from cyberattacks, especially ransomware. These attacks are becoming more frequent and complex, posing serious risks to businesses and institutions worldwide.
Read more
Cybersecurity
Understanding the Difference Between CTEM and ASM: Enhancing Cybersecurity and Hygiene with Nanitor
Jon Taylor, Chief Operating Officer
26.06.24
4 min read
In the ever-evolving landscape of cybersecurity, organizations must adopt robust strategies to protect their digital assets and maintain a strong security posture. Two key approaches in this endeavor are Continuous Threat Exposure Management (CTEM) and Attack Surface Management (ASM).
Read more
Exposure Management
Why You Need Agent-Based Scanning for CTEM
Chris Ayliffe, Chief Marketing Officer
03.06.24
3 min read
In today's digital landscape, cyber threats are more sophisticated and persistent than ever before. As organizations strive to protect their digital assets, Continuous Threat Exposure Management (CTEM) has become an essential practice. One key element that significantly enhances CTEM is agent-based scanning.
Read more
Exposure Management
What Could Happen If You Don't Leverage CTEM
Chris Ayliffe, Chief Marketing Officer
29.05.24
3 min read
In today's rapidly evolving digital landscape, the need for robust cybersecurity measures is more critical than ever. Continuous Threat Exposure Management (CTEM) is emerging as a revolutionary approach to enterprise security, far surpassing traditional vulnerability management.
Read more
MSSP
Leveraging Nanitor's Global-Leading CTEM Platform: A Comprehensive Guide for Customers and Partners
Chris Ayliffe, Chief Marketing Officer
23.05.24
7 min read
In the rapidly evolving landscape of cybersecurity, organizations face an ever-growing array of threats and vulnerabilities. To combat these challenges effectively, businesses require robust, comprehensive solutions that not only identify risks but also provide actionable insights to mitigate them.
Read more
MSSP
What is the CTEM Opportunity For MSSPs?
Chris Ayliffe, Chief Marketing Officer
15.05.24
6 min read
As cyber threats continue to evolve with increasing complexity and frequency, organizations are under significant pressure to maintain robust defenses. This has given rise to Continuous Threat Exposure Management (CTEM), a methodology that is becoming essential for organizations striving to stay ahead of threats.
Read more
MSSP
Nanitor: Revolutionizing MSSP Operations with Comprehensive Security Solutions
Chris Ayliffe, Chief Marketing Officer
14.05.24
8 min read
In the rapidly evolving landscape of cybersecurity, Managed Service and Security Providers (MSSPs) are increasingly vital to the security architectures of diverse organizations worldwide. However, the complexity of managing numerous security solutions across multiple clients presents significant challenges that can compromise the effectiveness of MSSPs.
Read more
Exposure Management
Exposure Management 101: Misconfigurations
Derek Melber, Chief Strategist
16.02.24
4 min read
Nearly every operating system, database, storage environment, printer, etc. has some form of configuration that needs to be made. In many cases, the configurations are related to security, to ensure the device or environment is secured from an attack.
Read more
Exposure Management
Exposure Management 101: Identity Security
Derek Melber, Chief Strategist
16.02.24
4 min read
Identity security is a major pillar for any security angle, especially for exposure management. Attackers target identities so they can move laterally and obtain privileges throughout the organization. At the core of every identity are properties and attributes, which can be exploited by attackers, with ease in many cases.
Read more
Exposure Management
Exposure Management 101: Patch Intelligence
Derek Melber, Chief Strategist
16.02.24
4 min read
Patch intelligence is often one of the most dodged activities for most organizations. Patching has taught us over the years that often the patch might break things worse than the original issue. However, without patching our systems are exposed to a myriad of exploits and attack paths.
Read more
Exposure Management
Exposure Management 101: Vulnerability Management
Derek Melber, Chief Strategist
16.02.24
4 min read
Vulnerability management is not a new concept. It might be one of the oldest security concepts for organizations, to be honest. However, vulnerability management might be one of the most misunderstood areas of security for most organizations due to the overwhelming number of vulnerabilities that all organizations face.
Read more
Exposure Management
Exposure Management: You can’t secure what you don’t know about
Derek Melber, Chief Strategist
26.01.24
4 min read
It is not a new concept that IT is not fully aware of all of the assets and devices that are on the network. Projects come and go, rogue devices are put on the network, legacy assets are forgotten about, etc. The other concept that is not new is that attackers love these assets and devices that have been orphaned and forgotten. These assets and devices are not updated, patched, configured, secured, or monitored.
Read more
Exposure Management
CTEM Needs to Include Identity Security
Derek Melber, Chief Strategist
19.01.24
3 min read
Continuous Threat Exposure Management (CTEM) is a trending technology that was initially created by Gartner. It is so important that Gartner named it the #2 strategic technology trend for 2024. Gartner also stated that: “By 2026, organizations that prioritize their security investments based on a continuous exposure management program will be 3x less likely to suffer a breach.”
Read more
Cybersecurity
Security Drift – How Do You Know?
Derek Melber, Chief Strategist
19.01.24
4 min read
Drift Happens! No matter the size of the organization or security staff, nor the monitoring of changes to every device, drift is going to occur. Do you know when everyone on your team makes a change, installs software, tweaks a service on every asset? What if someone installs 5 different software solutions on an asset…
Read more
Vulnerability Management
Is Vulnerability Management Enough to Prevent Ransomware?
Derek Melber, Chief Strategist
03.01.24
4 min read
Ransomware has proven to be the number one issue for organizations of all sizes and verticals in the past few years. Nearly all of the organizations that have been breached and ransomed had a vulnerability management solution or process in place. So, it begs the question whether or not vulnerability management along is enough?
Read more
Cybersecurity
Leveraging Industry Standards for Security Hygiene
Derek Melber, Chief Strategist
03.01.24
3 min read
Often, I see security solutions that are just “guessing” at what needs to be secured. Sure, there is knowledge, experience, and expertise behind the solution. However, when industry standards can be incorporated, it proves that the security solution is considering the massive expertise and analysis that has gone behind the security standardization and recommendations.
Read more
Cybersecurity
Nanitor Enhances Protection with External Attack Surface Management (EASM)
Gunnsteinn Hall, Chief Product Officer
02.01.24
5 min read
In the ever-evolving landscape of cybersecurity threats, organizations are constantly seeking ways to fortify their defenses and safeguard their digital assets. Recognizing the importance of proactive security measures, Nanitor has taken a significant leap forward by integrating External Attack Surface Management (EAAS) into its CTEM solution – and the best part? It comes at no extra charge to users.
Read more
Vulnerability Management
Adopting CTEM to Replace Your Legacy Vulnerability Management Solution
Derek Melber, Chief Strategist
22.12.23
7 min read
Continuous Threat Exposure Management (CTEM), a category that was designated by Gartner, is trending to be one of the hottest topics in 2023. Gartner has stated that CTEM is designed to secure digital and physical assets for any sized organization. Gartner states “By 2026, organizations that prioritize their security investments based on a continuous exposure management program will be 3x less likely to suffer a breach.”
Read more
Cybersecurity
How to Implement Continuous Threat Exposure Management (CTEM)
Chris Ayliffe, Chief Marketing Officer
28.11.23
6 min read
In the realm of cybersecurity evolution, Continuous Threat Exposure Management (CTEM) emerges as a transformative approach, surpassing traditional vulnerability management. Developed by Gartner, CTEM's proactive security posture remediation plan navigates five core stages: scoping, discovery, prioritization, validation, and mobilization, ensuring adaptability in the face of evolving cyber threats.
Read more
Cybersecurity
Meet Heimir Gunnlaugsson: Empowering Nanitor's Journey into Cybersecurity Excellence
Heimir Fannar Gunnlaugsson, Chief Executive Officer
27.11.23
3 min read
Dive into the world of cybersecurity leadership with Heimir Gunnlaugsson, Nanitor's seasoned CEO. Drawing from a wealth of experience in industry giants like Microsoft, Heimir delves into Nanitor's mission, the strategic importance of partnerships, and the critical role of Continuous Threat Exposure Management (CTEM) in fortifying cybersecurity defenses. Explore Heimir's serious vision for Nanitor's future, highlighting the profound impact it seeks to make in elevating digital security to new heights.
Read more
Vulnerability Management
The Key Differences Between CTEM and Vulnerability Management
Chris Ayliffe, Chief Marketing Officer
20.11.23
6 min read
In the rapidly evolving landscape of digital transformation, businesses grapple with escalating cybersecurity risks, prompting a departure from traditional Vulnerability Management to the more dynamic Continuous Threat Exposure Management (CTEM). The traditional approach of Vulnerability Management, centered on identifying and remediating known vulnerabilities, falls short in the face of today's complex IT environments. Manual remediation planning and passive identification lead to inaccurate risk assessments, necessitating a shift to a more robust and adaptive cybersecurity strategy.
Read more
Cybersecurity
Exploring Continuous Threat Exposure Management (CTEM)
Derek Melber, Chief Strategist
09.11.23
9 min read
Continuous threat exposure management (CTEM) is a new and expansive view of enterprise security. The legacy vulnerability management solutions and approach is still valid, just not comprehensive enough to truly protect an enterprise. With enterprises under attack from internal and external threat actors, every advantage the organization can gain to secure every avenue the threat actor might act upon could mean the difference between being breached and subverting the attack.
Read more
Cybersecurity
What is Remediation in Cybersecurity?
Chris Ayliffe, Chief Marketing Officer
26.06.23
8 min read
In today's digitally-driven world, cybersecurity has become increasingly vital. As technology rapidly evolves and permeates every aspect of our daily lives, cyber threats seeking to exploit these advancements also multiply. Maintaining robust cybersecurity measures is a crucial component of any organisation's security strategy, playing a pivotal role in safeguarding businesses from hackers, viruses, malware, ransomware, and other potential dangers. This process involves identifying vulnerabilities within systems and addressing them to reduce the likelihood of breaches or attacks.
Read more
Cybersecurity
Everything You Need to Know About CAASM
Chris Ayliffe, Chief Marketing Officer
05.06.23
8 min read
On April 30, 1993 the internet went public and completely changed the world forever. The concept of the internet was the idea of Tim Berners-Lee, who at the time was a 37-year-old researcher at the CERN institute in Switzerland. Tim’s concept was of an interconnected world where information was available to anyone at any time.
Read more
Vulnerability Management
Why is Vulnerability Management Important?
Chris Ayliffe, Chief Marketing Officer
05.06.23
8 min read
In the digital age, cyber security is more important than ever. As technology continues to advance and become an integral part of our daily lives, so do the threats that seek to exploit it. Staying on top of cybersecurity is an essential part of any organisation’s security plan and plays a key role in protecting your business from hackers, viruses, malware, ransomware and other threats. It helps to identify weaknesses within systems as well as patching them up to minimise the risk of a breach or attack.
Read more
Vulnerability Management
How to Automate Vulnerability Management
Chris Ayliffe, Chief Marketing Officer
04.05.23
10 min read
Maintaining your business’s cyber security has become an essential part of running a successful organisation. With the increase in data breaches and hackers, protecting yourself against threats is more important than ever. One reliable way to streamline this process and keep your business safe online is by automating vulnerability management using specialised tools and software. But what exactly does that mean? Below, we're going to explain everything you need to know about automated vulnerability management so you can protect yourself against potential threats without taking too much valuable time away from other aspects of running your business.
Read more
Compliance
How to Implement ISO 27001
Chris Ayliffe, Chief Marketing Officer
12.04.23
9 min read
Everyone knows that cybersecurity is a crucial component of ensuring the safety and protection of your business, its data, and its customers. Unfortunately, not everyone has the level of understanding necessary to build an effective cybersecurity strategy. There are many different ways a business or individual can improve the strength of their online security and figuring out the best place to start can be overwhelming, confusing or downright terrifying, but it doesn’t have to be.
Read more
Vulnerability Management
What You Need to Know About the Vulnerability Management Lifecycle
Chris Ayliffe, Chief Marketing Officer
04.04.23
9 min read
It’s very easy to become overwhelmed when thinking about cybersecurity. It seems like there’s some sort of virus, bug or scam lurking almost everywhere these days. It’s true that the threats to cyber security that businesses and even the general public face every single day have never been higher, but you might not need to stress as much as you think because the methods of dealing with these kinds of problems have also evolved and become more sophisticated.
Read more
Cybersecurity
How Should Companies Handle Ransomware?
Read moreChris Ayliffe, Chief Marketing Officer
03.03.23
9 min read

Vulnerability Management
What is a Vulnerability Management Program?
Chris Ayliffe, Chief Marketing Officer
03.03.23
9 min read
In an interconnected world it’s incredibly important to be aware of cybersecurity. Hackers and scammers are becoming an increasingly pertinent problem for any business that has an online presence or uses connected software. Globally, more than 30,000 websites are attacked by hackers or malware every day. This figure means that more than 64% of businesses in the world have experienced some sort of cyber attack in the last year alone.
Read more
Cybersecurity
Log4Shell worst-case scenario
Jon Taylor, Chief Operating Officer
22.12.22
4 min read
Log4Shell, prepare for anything!
Read more
Cybersecurity
Log4j / Log4Shell
Jóhann Páll Kulp, CISO, Chief Security Officer
15.12.21
3 min read
Nanitor is not affected by the Log4j vulnerability.
Read more