Author Archives: Ed Bellis

Ed Bellis

About Ed Bellis

Ed is the CTO and a Cofounder of Kenna.

Heads Up! (Display)

Ed Bellis    January 22, 2013

I’m happy to share our latest enhancement to visualizing your vulnerability data. Today, we are launching a new Heads-Up Display (HUD): a “mini dashboard” if you will,  that allows you to visualize the current state of your vulnerabilities and defects. Our new Heads-Up Display shows a live presentation of your vulnerabilities. It provides up-to-the-minute information on aspects of your vulnerability… Read more »

Achievement Unlocked: Venture Funding

Ed Bellis    November 13, 2012

Today we’re really excited to announce our latest round of funding and welcome our newest investors to the Risk I/O team. Our new investors include U.S. Venture Partners and Costanoa Venture Capital and I am thrilled to be working directly with Jacques Benkoski, our newest board member, as well as Greg Sands. We also had great participation and validation from our existing investors… Read more »

Validating Vulnerabilities with Metasploit

Ed Bellis    September 13, 2012

We recently added the ability to track publicly available exploits for any vulnerabilities discovered in your environment, regardless of how they were discovered. We viewed this as a step in the right direction and one of many factors that go into prioritizing remediation efforts. Our friend Mike Rothman over at Securosis took notice of this, both acknowledging the need while… Read more »

Hitting Above the Security Mendoza Line

Ed Bellis    August 14, 2012

Risk I/O can now be used to identify publicly available exploits to your existing vulnerabilities. Our development team has made it possible for Risk I/O to match attack vectors from databases of quality assured exploits, such as Metasploit and ExploitDB, to applicable vulnerabilities. This information, paired with vulnerability data from assessment tools, allows you to understand how your organization is… Read more »

If I Told You, I’d Have To Kill You

Ed Bellis    June 11, 2012

I’ve been talking a lot about information sharing within information security lately. Most recently at the ISSA CISO Summit in Denver. The presentation covers some of the new school of information security and walks through a few use cases on data-driven security. Sadly this past week has reminded how much “old school” is still being practiced. We saw a lot… Read more »

Proving A Negative

Ed Bellis    April 19, 2012

Just a quick fun post. Happened to catch this episode of Arthur this morning during the kids breakfast and it sadly reminded me of our industry. One of the big problems in justifying security is proving a negative. In other words, we weren’t hacked so the controls I’ve implemented must be the right ones. Apparently ‘bad luck’ has the same… Read more »

My Keynote At IANS Security Forum

Ed Bellis    April 17, 2012

Last week I had the pleasure of delivering a keynote presentation at the IANS Twin Cities Security Forum. Having been involved and participated in IANS events in the past I knew what to expect. They always do a great job with their Security Forums with a very unique format. Probably what I like the most about these forums is the… Read more »