Category Archives: Big Data

“Threat Intelligence” By Any Other Name: RSA 2014 Recap

Michael Roytman    March 4, 2014

I’m told that every year RSA has a theme, and that this theme is predictive of the year to come for the information security industry. Sometimes, that theme is hidden. Other times, (such as last year) that theme is a race car engine with the words “Big Data” splattered all over it jumping out at you on every corner. At… Read more »

What I Learned at BayThreat 2013

rhuber    December 9, 2013

BayThreat, an annual bay area information security conference, was this past weekend. As in years past it was top notch and well organized. The conference returned to it’s old home, the Hacker Dojo, for this fourth incarnation. Some highlights (in no particular order): Nick Sullivan spoke on white box cryptography, and the lack of a current open source implementation. White… Read more »

Stop Fixing All The Things – Our BSidesLV Talk

Michael Roytman    August 6, 2013

Last week at BSidesLV, Ed Bellis and I presented our view on how vulnerability statistics should be done. We think it’s a different and useful approach to vulnerability assessments. Our contention is that the definitions of vulnerabilities in NVD and OSVDB are just that – definitions. As security practitioners, we care about which vulnerabilities matter. Much like looking at a… Read more »

Learn About How We’re Using Real-Time Attack Data!

Andrea Bailiff-Gush    June 24, 2013

The Risk I/O vulnerability intelligence platform has gotten smarter and even more powerful and we want you to see just how. As you may have heard, we recently announced the addition of real-time attack data to our vulnerability intelligence platform. This addition allows Risk I/O to correlate internet attack traffic with your vulnerabilities to help prioritize your remediation efforts. We’d… Read more »

Introducing Real-Time Attack Data to Risk I/O

jheuer    June 19, 2013

Today we are announcing the addition of real-time attack data to our Risk I/O vulnerability intelligence platform. With this addition, our vulnerability intelligence platform now offers smarter priority sorting based on real world data, giving insight into where attacks are most likely to occur. Using a processing engine, Risk I/O correlates live attack data from multiple sources, and prioritizes vulnerabilities… Read more »

Data Fundamentalism

Michael Roytman    April 26, 2013

A Tale of Two Uncertainties There are fields where precision is of the utmost importance. In fields of exploration (physics, chemistry, arguably mathematics), we attempt to seek out the truths of the world around us, to get better and better models of what’s going on. In fields of manufacturing (chocolate making, farming, engine casting) precision matters because it produces better… Read more »

Playing Around with Game Theory: Smart Data > Big Data

Michael Roytman    February 6, 2013

There’s been a lot of talk about Big Data in the security space over the past couple of years, and it seems that almost every week a new Big Data offering enters the space, whether it’s in discussion, in development, or in production. It’s no secret that here at Risk I/O, we’ve embraced the industry’s demands and are hard at… Read more »

Joining the Data Revolution

Andrea Bailiff-Gush    August 22, 2012

Here at Risk I/O, we’re really big fans of data. Given the right data you can make insightful business decisions very quickly. This is one of the core values we build into every feature release. With our data-driven approach to security, we’re excited to have been selected by the DataWeek Awards as a Top Innovator in the Security/e-Governance category. This is the first… Read more »

We Need More “New School”

Ed Bellis    September 26, 2011

One of the most influential books I have read on information security is The New School of Information Security by Adam Shostack and Andrew Stewart. There’s a lot to it and I highly recommend reading it, but the basic premise revolves around using more data to make informed decisions. Think of it a bit as a Moneyball for information security…. Read more »