The summaries on the @orlysec account, aren't they a bit to technical? Or is that perhaps a good thing?
Thinking of perhaps making them a little bit more light on the technical details and a little bit more towards ... executive level brief?
Good or bad?
@nopatience @orlysec I find them too technical but I may not be the target for them.
If I take a recent one for example (https://swecyb.com/@orlysec/116297544092235358), I think many words make reading the summary unnecessarily complex. As an example, "csm_processes", "sajaxintf.cgi" and "pjb.cgi upgradeReadinessCall" are very unlikely to be useful, unless you're a Cisco expert, and therefore clutter the report.
As a result, when I glance at it, I don't grasp the key messages simply and therefore move on.
Again, while I have a technical background, I'm not a threat analyst and therefore I'm probably not the target for these posts, but since you're asking for feedback, here it is 🙂.
(vulncheck.com) CVE-2026-20079: Cisco Secure Firewall Management Center Authentication Bypass and Root RCE Exploit Chain Analysis CVE-2026-20079 (CVSS 10.0): Unauthenticated RCE in Cisco Secure Firewall Management Center (FMC) via boot-time session fixation (csm_processes), hardcoded creds (report:snortrules), and arbitrary file write (sajaxintf.cgi). Chained exploit achieves root via pjb.cgi upgradeReadinessCall. ~300-700 exposed instances. Patch blocks via X-Auth-User-Type header enforcement. Perl Storable deserialization noted as secondary vector. Source: https://www.vulncheck.com/blog/cisco-fmc-auth-bypass-cve-2026-20079 #Cybersecurity #ThreatIntel
@blout Excellent feeback, appreciate it. Let me try and make an adjustment, I'll include also a shorter non-technical summary, to get the "gist" of the article.
Keep an eye out for an update.
@nopatience that's a good enhancement! The executive summary is much easier to read.
I have doubts that an actual executive can understand it because it remains technical, but I find it a fair trade-off between an executive summary that would be vague saying "technology x has a vulnerability that goes boom" and the technical summary.
So, good job on the addition of this summary which I find much more readable!
@blout Perhaps we could call it... "In short;" Or something like that... to refrain from using the word Executive because yeah... it's not meant for executives, it's meant as a brief and short explanation what the article is about without getting bogged down in details.
Will update and change the text ... a small but important detail.
Christoffer S.
Cyprien