Author Archives: Ed Bellis

Ed Bellis

About Ed Bellis

Ed is the CTO and a Cofounder of Kenna.

Achievement Unlocked: Venture Funding

Ed Bellis    November 13, 2012

Today we’re really excited to announce our latest round of funding and welcome our newest investors to the Risk I/O team. Our new investors include U.S. Venture Partners and Costanoa Venture Capital and I am thrilled to be working directly with Jacques Benkoski, our newest board member, as well as Greg Sands. We also had great participation and validation from our existing investors… Read more »

Validating Vulnerabilities with Metasploit

Ed Bellis    September 13, 2012

We recently added the ability to track publicly available exploits for any vulnerabilities discovered in your environment, regardless of how they were discovered. We viewed this as a step in the right direction and one of many factors that go into prioritizing remediation efforts. Our friend Mike Rothman over at Securosis took notice of this, both acknowledging the need while… Read more »

Hitting Above the Security Mendoza Line

Ed Bellis    August 14, 2012

Risk I/O can now be used to identify publicly available exploits to your existing vulnerabilities. Our development team has made it possible for Risk I/O to match attack vectors from databases of quality assured exploits, such as Metasploit and ExploitDB, to applicable vulnerabilities. This information, paired with vulnerability data from assessment tools, allows you to understand how your organization is… Read more »

If I Told You, I’d Have To Kill You

Ed Bellis    June 11, 2012

I’ve been talking a lot about information sharing within information security lately. Most recently at the ISSA CISO Summit in Denver. The presentation covers some of the new school of information security and walks through a few use cases on data-driven security. Sadly this past week has reminded how much “old school” is still being practiced. We saw a lot… Read more »

Proving A Negative

Ed Bellis    April 19, 2012

Just a quick fun post. Happened to catch this episode of Arthur this morning during the kids breakfast and it sadly reminded me of our industry. One of the big problems in justifying security is proving a negative. In other words, we weren’t hacked so the controls I’ve implemented must be the right ones. Apparently ‘bad luck’ has the same… Read more »

My Keynote At IANS Security Forum

Ed Bellis    April 17, 2012

Last week I had the pleasure of delivering a keynote presentation at the IANS Twin Cities Security Forum. Having been involved and participated in IANS events in the past I knew what to expect. They always do a great job with their Security Forums with a very unique format. Probably what I like the most about these forums is the… Read more »

Our Latest Integration

Ed Bellis    March 26, 2012

Hot on the heels of launching role-based access control which allows you to control who has access to what in Risk I/O (all the way down to the vulnerability level), we have added integration with a new vulnerability assessment tool. (Drum roll please…) We are happy to announce that integration with the Burp Scanner is now available in Risk I/O! For… Read more »