Category Archives: Guest Blogger

Vulnerability Management Decision Support: Identifying & Prioritizing Zero-Day Vulnerabilities

Andrea Bailiff-Gush    November 10, 2014

This is a guest blog post by Josh Ray, Senior Intelligence Director for Verisign iDefense Security Intelligence Services. One of the biggest challenges facing security teams today is staying up-to-date on the ever-changing security threat landscape. The inclusion of Verisign iDefense Security Intelligence Services’ zero-day vulnerability intelligence into Risk I/O’s threat processing engine provides security practitioners with actionable intelligence on… Read more »

The Role of Security Mapping in Vulnerability Management

guest blogger    February 7, 2013

Increasingly, security management organizations are coming to rely on a unique type of geography to recognize where threats and vulnerabilities are active, and where security exploits are occurring. The geography in question maps fairly closely to the physical map of the world. Because Internet links that connect sites and users to service providers are involved, along with prevailing local Internet… Read more »

Using Databases to Automate Assessment and Remediation

guest blogger    January 31, 2013

The National Vulnerability Database (aka NVD) is a US Government repository for standards-based vulnerability management data. Its content is represented using the Security Content Automation Protocol, SCAP (pronounced “ess-cap”). SCAP is designed to facilitate reporting, collection, management, and monitoring of vulnerability data through automated software facilities. SCAP encompasses a wide range of inputs and information, and enables automation of vulnerability management,… Read more »

The Real Value of Precognition

guest blogger    December 19, 2012

Vulnerability precognition is an interesting concept, but it leads to interesting and valuable threat mitigations. Rather than relying on some mystical ability to see events before they occur—the more usual meaning for “precognition”—vulnerability precognition arises from an assessment technique known as predictive analytics. It’s worth unpacking and exploring this terminology to get a sense not just for its meaning, but… Read more »

Crowdsourcing Vulnerability Intelligence

guest blogger    December 6, 2012

This is the first post in our guest blogging series. If you are interested in writing for Risk I/O, visit our Guest Blogging page for more information. Strictly speaking, crowdsourcing refers to a model for problem solving that depends on turning requests for information, service, or even ideas over to an unknown but reachable group of potential participants to seek… Read more »