Author Archives: Ed Bellis

Ed Bellis

About Ed Bellis

Ed is the CTO and a Cofounder of Kenna.

Free As In Beer!

Ed Bellis    November 16, 2011

If you’ve been on our website lately, you may have noticed that our pricing page is looking a little different. We have recently restructured our pricing plans to allow organizations of all sizes—and with all kinds of budgets—to effectively manage and secure their data using Risk I/O. We are happy to announce that we’ve adopted a “freemium” pricing model for our plans… Read more »

Ohai HP – It’s Us Again

Ed Bellis    November 4, 2011

Fresh off the heals of launching our HP Fortify connector to integrate your static analysis findings, we’d like to announce our newest connector in the family. This time from HP’s dynamic side of the house – HP WebInspect. If you’re currently using this vulnerability assessment tool as part of your application security program, you can now connect your instance into Risk… Read more »

Borrow a Bee for a Day!

Ed Bellis    October 28, 2011

Here at HoneyApps, we’ve been fortunate enough to have built a great team of really talented individuals. In the spirit of Thanksgiving a few of our employees have decided to give back by allowing you to borrow them and their skills for a day. The catch? You make a donation to a charity agreed to by you and the worker… Read more »

Risk I/O Partners with Qualys Security as a Service Platform

Ed Bellis    October 12, 2011

We are pleased to announce our recent entry into the Solution & Technology Partners Program with Qualys. Qualys and Risk I/O have collaborated to create a simple out-of-the-box connector that pulls vulnerability scan data directly from QualysGuard, and uses Risk I/O to aggregate, correlate and prioritize vulnerabilities for the most effective remediation of possible security threats. Under this partnership, QualysGuard… Read more »

SAST And DAST Like Peanut Butter and Jelly

Ed Bellis    October 3, 2011

Today, our development team added HP Fortify integration with Risk I/O. HP Fortify is a static analysis tool that looks at the source code of an application to identify security flaws within. Fortify’s Static Application Security Testing (SAST) results provide an inside-out view of the vulnerabilities that exist in a software program compared to Dynamic Application Security Testing (DAST) that… Read more »

We Need More “New School”

Ed Bellis    September 26, 2011

One of the most influential books I have read on information security is The New School of Information Security by Adam Shostack and Andrew Stewart. There’s a lot to it and I highly recommend reading it, but the basic premise revolves around using more data to make informed decisions. Think of it a bit as a Moneyball for information security…. Read more »

Our Newest Addition Is Big & Blue

Ed Bellis    September 23, 2011

Our Risk I/O family keeps growing. Today, we added yet another connector to the already growing list of vulnerability assessment connectors in our family. We are very excited to welcome IBM’s AppScan as our newest addition! With our newest connector, you can now integrate directly within your AppScan vulnerability scanner. This empowers you to scan applications, identify vulnerabilities, and generate… Read more »

Introducing….Benchmarking!

Ed Bellis    September 19, 2011

We have made some new and important additions to our Risk I/O dashboard recently. In addition to “out of the box” vulnerability metrics, we have begun the rollout of our benchmarking tab. This tab allows you to compare your metrics and statistics against your peers across the industry in order to gauge your overall vulnerability management performance. We have started… Read more »