Category Archives: Network Scanners

Secret #5 of Vulnerability Scanning: You Can Actually Prioritize, Rather Than Just Analyze

Ed Bellis    January 20, 2015

This is the third post by Ed Bellis in a three-part series on Vulnerability Scanning. To view all five secrets and two common “gotchas” of vulnerability scanning, please click here. Typically, security teams spend tons of time putting together Excel spreadsheets and swimming through countless rows of data. Doing so will get the job done, eventually…kind of. But the problem is, as… Read more »

Secret #4 of Vulnerability Scanning: Don’t Dump-and-Run, Make It Consumable

Ed Bellis    January 15, 2015

This is the second post by Ed Bellis in a three-part series on Vulnerability Scanning. To view all five secrets and two common “gotchas” of vulnerability scanning, please click here. You know what I’m talking about when I talk about the infamous dump-and-run. “Here’s your 300-page PDF with a laundry list of every vulnerability known to man!” From what I’ve… Read more »

Secret #1 of Vulnerability Scanning: CVSS Is Only Part of the Picture

Ed Bellis    January 8, 2015

This is the first post by Ed Bellis in a three-part series on Vulnerability Scanning. To view all five secrets and two common “gotchas” of vulnerability scanning, please click here. Information security can be a thankless job. I know, I’ve lived it first-hand. When I ran Security at Orbitz, it was absolutely critical that my team and I stayed on top of… Read more »

Risk I/O Now Integrates With OpenVAS

Ed Bellis    October 6, 2014

Last week we quietly launched our 26th and latest connector. With our latest integration our customers can load their OpenVAS results directly into Risk I/O for threat processing and prioritization. To take advantage of the OpenVAS integration, navigate to the Connectors tab and click New Connector. From there select the OpenVAS connector, name it and save it. You can then click… Read more »

QualysGuard Connector: Now With WAS Inside

Andrea Bailiff-Gush    July 28, 2014

At Risk I/O, we’re always striving to ensure our integrations are seamless and complete. Risk I/O is happy to announce that as of today, our QualysGuard connector has expanded to pull in results from your Qualys VM and Qualys WAS scans. What does this mean for you? If you are a Risk I/O user with a Qualys connector, you’ll see both… Read more »

Announcing Our Latest Integration: Beyond Security

Ed Bellis    June 5, 2014

At Risk I/O, we’ve always made it our mission to integrate with the scanner tools used most. That’s why we’ve added integration with the BeyondSecurity AVDS web scanner to our vulnerability threat management platform. With the new BeyondSecurity AVDS connector, you can discover and eliminate your network’s most serious security weaknesses. Simply sync your scan data via our new connector and Risk I/O will… Read more »

Introducing Nessus Auto-Close with Risk I/O

Ed Bellis    November 13, 2013

One of the common issues with running multiple siloed scanners is tracking the state of vulnerabilities over time. Which vulnerabilities should be closed based on my subsequent findings (or lack thereof)? This problem can be exacerbated when centralizing these point scanners into a central repository such as Risk I/O. Our  Nessus connector now tracks the state of all reported vulnerabilities… Read more »

Nmap + Risk I/O = Peanut Butter + Chocolate

Ed Bellis    September 3, 2013

No, I’m not speaking of a fancy new risk formula, but rather about one of our most popular integrations: Nmap. Nmap can be a pretty powerful tool for asset discovery and figuring out what services and ports are open across your network. It can also be a great way to find configuration issues that could result in security weaknesses for your… Read more »

It’s (A)live! Risk I/O Now Integrates with NTOSpider

rhuber    March 19, 2013

Hot on the heels of our filtered dashboard  and patch reports feature releases, we’re announcing our latest security tool integration. Risk I/O can now integrate with the NTOSpider dynamic application security testing (DAST) solution. Adding NTOSpider to your selection of Risk I/O connectors allows you to leverage its unique capabilities to detect vulnerabilities within your applications. With NTOSpider, you can scan… Read more »

Automate All The Things: Our New-and-Improved API

Mike    January 29, 2013

We recently updated our API and wanted to let you know about it. For those of you unfamiliar with the Risk I/O API, it can be used to automate many functions of Risk I/O including the ability to add vulnerabilities from the few scanners Risk I/O doesn’t directly support, information gleaned from manual assessments, data integration between SIEM, GRC and… Read more »