Category Archives: Industry

Talking Big Data & Cyber Risk Intelligence at Cybertech Tel Aviv 2018

Sam Osborn    January 25, 2018

2017 was the year that cybersecurity became front page news. High profile attacks such as NotPetya and WannaCry served as blaring wake up calls, heralding a new wave of cyber threats with ever more devastating consequences for the businesses affected. These attacks are, unfortunately, part of a trend rather than isolated instances. Breaches are becoming increasingly pervasive, with Gemalto’s Breach… Read more »

We are a 2017-18 Cloud Awards Program Finalist for Security Innovation of the Year

Chloe Messdaghi    December 20, 2017

We’ve been named as a finalist in the 2017-2018 Cloud Awards Program for its entry in the Security Innovation of the Year category! The cloud computing awards program celebrates excellence and innovation in the rapid-growth cloud computing market. The awarding body accepts applications worldwide, covering the US, Canada, Australasia and EMEA. Organizations of any size are accepted for consideration in… Read more »

Equifax Lessons: Risk Hunting at Scale

Michael Roytman    September 15, 2017

This past week has seen another high profile breach in the news, one of the largest ever, and apparently the result of a known vulnerability.  Looking back at our analysis of the WannaCry attacks, we examined what we could  learn about prioritization from our 1 billion vulnerabilities under management. Out of those billion vulnerabilities, 259,451,953 were CVSS score of 9… Read more »

Say Hello to Kenna

Karim Toubba    August 4, 2015

Our company has officially changed its name from Risk I/O to Kenna. Why the change? The name “Kenna” is a play on the Middle English verb “to ken,” or “to know.” And that’s what we strive to give our customers—the ability to know what to prioritize and remediate, as well as a way to understand their full risk landscape. Kenna… Read more »

Five Common Vulnerability Management Mistakes to Avoid

Ed Bellis    July 21, 2015

Vulnerability Management is often undersourced and undertooled, and yet stands at the epicenter of protecting the organization from a breach. Bringing to bear best practices can mean the difference between success and failure, but what does “best practices” mean and what evidence exists that supports them? In the trenches as former CISO of Orbitz as well as my work with… Read more »

The Three CVEs that You’re Not Paying Attention to (But Probably Should)

Michael Roytman    June 17, 2015

The Risk I/O philosophy is all about fixing what matters – that is, using data to make decisions that make the most of the limited actions you can take in a day, a week, a month. It’s not about the sheer volume of vulnerabilities that your team closes — it’s closing the ones that reduce your overall risk the most…. Read more »

Catching Bees with Honey – One HoneyPot Farm’s Quest to Protect the Net

David Hunt    June 11, 2015

They say you can catch more bees with honey than vinegar. On the web, that bee is someone hacking through the layers of the web itself. The honey is the vulnerability of poorly secured websites and servers. When lucky, the hacker finds a way to get to the data and can harvest it for his or her own benefit. But… Read more »

Looking Before & Beyond a Breach: Lessons from a DBIR Featured Contributor

Michael Roytman    April 16, 2015

As you may know, the 2015 Verizon Data Breaches Investigations Report was recently released. This is the “gold standard” research document for information security, and we’re proud to say that Risk I/O was a featured vulnerabilities contributor, providing a rich correlated threat data set that spans 200M+ successful exploitations across 500+ common vulnerabilities and exposures from over 20,000 enterprises in more… Read more »

Vulnerability Management for the Midsize

Ed Bellis    March 19, 2015

It’s not fair. The big companies have the teams, the tools, and the processes required in order to run a best-in-class vulnerability management program. But guess what? The bad guys don’t care about how big you are. In fact, non-targeted exploits accounted for 75% of the breaches from Verizon’s 2013 Data Breach Investigation Report—meaning even mid-sized companies are equally or… Read more »

What a Difference a Year Makes: Reflecting on our Dell SecureWorks Partnership

Ryan Cunnane    February 18, 2015

What a different a year makes. Nearly a year ago, Risk I/O was in the beginning phases of what would become one of our greatest successes to date: a partnership with Dell SecureWorks.  As we celebrate the one-year anniversary of the partnership, we wanted to highlight its significance and firm validation in the marketplace. Partnership highlights include: Threat intelligence supplied by Dell SecureWorks’… Read more »