Exploits
In what year was Log4Shell initially exploited?
What is 2021?
What is the range of scores for CVSS scores?
What is 0.0-10.0
This principle ensures vendors only have access to the systems and data necessary for their role.
What is Least Privilege?
This happens every month when security teams rush to test and deploy Adobe updates.
What is Patch Tuesday?
This use of AI involves creating realistic human voices or faces synthetically.
What are Deepfakes?
This breach exposed millions of records due to an unpatched Apache Struts vulnerability.
What is the Equifax Breach?
This tool is widely used for web application security testing and proxying traffic.
Burp Suite
On HackerOne, this metric tracks how long it takes to review and respond to a new submission.
What is Time-To-Triage?
This Adobe service provides identity and access management across Adobe products.
What is Adobe Identity Management (Adobe IMS)?
This term describes when AI surpasses human intelligence (theoretical).
What is the Singularity?
This ransomware attack in 2017 spread using EternalBlue.
What is WannaCry?
This term refers to the time between vulnerability disclosure and patch application.
What is Mean Time to Remediate (MTTR)
This framework provides standardized control sets often used to assess vendors’ security maturity.
What is NIST (or ISO 27001 / CIS Controls)?
This mitigation technique used by Adobe helps prevent exploitation by isolating processes.
What is Sandboxing?
This attack manipulates input to trick an AI system into unintended behavior.
What is Prompt Injection?
This vulnerability allowed attackers to leak sensitive CPU data via speculative execution.
What is Spectre (or Meltdown)?
This type of patch fixes a vulnerability without requiring a system reboot.
What is a Hotfix?
This shared assessment model reduces duplicate vendor questionnaires across organizations.
What is SIG (Standardized Information Gathering Questionnaire)?
Adobe acquired this design platform in 2012, expanding into digital marketing.
What is Behance?
This technique improves AI responses by providing external data at query time.
What is Retrieval-Augmented Generation (RAG)?
How many CVEs were added to the CISA KEV list in 2025 (rounded to the nearest 50)?
This emerging risk involves vulnerabilities in software dependencies and pipelines.
What is a Supply Chain Attack?
This vulnerability type has historically affected Flash Player, contributing to its eventual end-of-life.
What is Use-After-Free (or Memory Corruption)?
This IBM AI famously defeated chess champion Garry Kasparov in 1997.
What is Deep Blue?