Category Archives: Data Analysis

The Role of Security Mapping in Vulnerability Management

guest blogger    February 7, 2013

Increasingly, security management organizations are coming to rely on a unique type of geography to recognize where threats and vulnerabilities are active, and where security exploits are occurring. The geography in question maps fairly closely to the physical map of the world. Because Internet links that connect sites and users to service providers are involved, along with prevailing local Internet… Read more »

Playing Around with Game Theory: Smart Data > Big Data

Michael Roytman    February 6, 2013

There’s been a lot of talk about Big Data in the security space over the past couple of years, and it seems that almost every week a new Big Data offering enters the space, whether it’s in discussion, in development, or in production. It’s no secret that here at Risk I/O, we’ve embraced the industry’s demands and are hard at… Read more »

Heads Up! (Display)

Ed Bellis    January 22, 2013

I’m happy to share our latest enhancement to visualizing your vulnerability data. Today, we are launching a new Heads-Up Display (HUD): a “mini dashboard” if you will,  that allows you to visualize the current state of your vulnerabilities and defects. Our new Heads-Up Display shows a live presentation of your vulnerabilities. It provides up-to-the-minute information on aspects of your vulnerability… Read more »

Joining the Data Revolution

Andrea Bailiff-Gush    August 22, 2012

Here at Risk I/O, we’re really big fans of data. Given the right data you can make insightful business decisions very quickly. This is one of the core values we build into every feature release. With our data-driven approach to security, we’re excited to have been selected by the DataWeek Awards as a Top Innovator in the Security/e-Governance category. This is the first… Read more »

Hitting Above the Security Mendoza Line

Ed Bellis    August 14, 2012

Risk I/O can now be used to identify publicly available exploits to your existing vulnerabilities. Our development team has made it possible for Risk I/O to match attack vectors from databases of quality assured exploits, such as Metasploit and ExploitDB, to applicable vulnerabilities. This information, paired with vulnerability data from assessment tools, allows you to understand how your organization is… Read more »

Security Intelligence != SIEM

Ed Bellis    March 5, 2012

I’ve just returned from RSA, BSides and Metricon and thought I would pen a few of my thoughts while they’re still fresh in my mind. On Monday I had the privilege of participating in a panel on Data Driven Security at Metricon 6.5. Scott Crawford moderated and has a great blog series on data driven security. It was an interesting… Read more »

BayThreat: From Shaman to Scientist

Ed Bellis    December 20, 2011

I recently gave an updated talk on my data driven security use case at BayThreat 2 in Mountain View. First off, thanks to Marisa Fagan and all the organizers, this year was even better than last. Also, apologies for not being able to stay for the entire weekend, alas duty called. I have been making my rounds at various security… Read more »

Are The Feds Going New School?

Ed Bellis    December 1, 2011

Probably not… As much as the headlines of a new bill in Washington grabbed my interest with a twinkle of hope, it turns out in some ways this may be a step away from a new wave of information sharing. It appears to promote information sharing regarding security breaches between the private sector and the government by blanketing companies with… Read more »