Category Archives: Industry

Risk I/O Joins Rapid7’s Technology Alliances

Andrea Bailiff-Gush    December 14, 2011

We are pleased to announce our recent entry into the Technology Alliances program with Rapid7. Earlier this year, Rapid7 and Risk I/O collaborated to create a simple out-of-the-box connector that pulls vulnerability scan data directly from Rapid7’s Nexpose, and uses Risk I/O to aggregate, correlate and prioritize vulnerabilities for the most effective remediation of possible security threats. Through this collaboration, Nexpose users can… Read more »

Are The Feds Going New School?

Ed Bellis    December 1, 2011

Probably not… As much as the headlines of a new bill in Washington grabbed my interest with a twinkle of hope, it turns out in some ways this may be a step away from a new wave of information sharing. It appears to promote information sharing regarding security breaches between the private sector and the government by blanketing companies with… Read more »

Same As It Ever Was

Ed Bellis    November 21, 2011

A couple of weeks ago I was invited by IANS to participate in a panel presentation in one of their Executive Client Briefings. The theme for the event was on building risk-based management frameworks and I headed up the Next Generation Threat Management portion. First off, many thanks to the folks at IANS for having me, as usual they did… Read more »

Borrow a Bee for a Day!

Ed Bellis    October 28, 2011

Here at HoneyApps, we’ve been fortunate enough to have built a great team of really talented individuals. In the spirit of Thanksgiving a few of our employees have decided to give back by allowing you to borrow them and their skills for a day. The catch? You make a donation to a charity agreed to by you and the worker… Read more »

Risk I/O Partners with Qualys Security as a Service Platform

Ed Bellis    October 12, 2011

We are pleased to announce our recent entry into the Solution & Technology Partners Program with Qualys. Qualys and Risk I/O have collaborated to create a simple out-of-the-box connector that pulls vulnerability scan data directly from QualysGuard, and uses Risk I/O to aggregate, correlate and prioritize vulnerabilities for the most effective remediation of possible security threats. Under this partnership, QualysGuard… Read more »

We Need More “New School”

Ed Bellis    September 26, 2011

One of the most influential books I have read on information security is The New School of Information Security by Adam Shostack and Andrew Stewart. There’s a lot to it and I highly recommend reading it, but the basic premise revolves around using more data to make informed decisions. Think of it a bit as a Moneyball for information security…. Read more »

Talking InfoSec with the Experienced – RSA Edition

Ed Bellis    January 3, 2011

I’m honored to be invited by Rich Mogull of Securosis to participate on a panel at the RSA Security Conference. It’s part of the Experienced Security Professional program (e10+) and appears to be a pretty cool event. We’ll be talking appsec, advanced attacks, cloud security and compliance among other things with David Mortman who had one of the most underappreciated talks… Read more »

Our 2011 Security Predictions

Ed Bellis    December 8, 2010

Now is the time of year when all of the pundits, analysts, and vendors start producing their wonderfully insightful predictions on the security industry. They always include horrible things that take down the internet and life as we know it. So rather than glom on to this tradition within the infosec echo chamber, we have but one prediction for 2011:… Read more »