Category Archives: Open Source

Security As Code at Cloud Security World

Ed Bellis    May 28, 2015

Last week Jason Rohwedder and I had the privilege of presenting a cloud automation use case at Cloud Security World. Our talk not only covered how we automate much of our security at Risk I/O, but how we use DevOps principles to ensure our security controls are consistent even at a high velocity. While we have spoken about some of… Read more »

Risk I/O Now Integrates With OpenVAS

Ed Bellis    October 6, 2014

Last week we quietly launched our 26th and latest connector. With our latest integration our customers can load their OpenVAS results directly into Risk I/O for threat processing and prioritization. To take advantage of the OpenVAS integration, navigate to the Connectors tab and click New Connector. From there select the OpenVAS connector, name it and save it. You can then click… Read more »

On Physical Security

rhuber    March 31, 2014

Our mission at Risk I/O is to help businesses understand threats to their infrastructure, but as security practitioners we are interested in many forms of security, including physical. This blog post concerns something of particular interest to me, securing my office and a nearly successful theft, which was thwarted by a bit of hobbyist tech. Risk I/O is an emerging… Read more »

“Threat Intelligence” By Any Other Name: RSA 2014 Recap

Michael Roytman    March 4, 2014

I’m told that every year RSA has a theme, and that this theme is predictive of the year to come for the information security industry. Sometimes, that theme is hidden. Other times, (such as last year) that theme is a race car engine with the words “Big Data” splattered all over it jumping out at you on every corner. At… Read more »

What I Learned at BayThreat 2013

rhuber    December 9, 2013

BayThreat, an annual bay area information security conference, was this past weekend. As in years past it was top notch and well organized. The conference returned to it’s old home, the Hacker Dojo, for this fourth incarnation. Some highlights (in no particular order): Nick Sullivan spoke on white box cryptography, and the lack of a current open source implementation. White… Read more »

Mitigating Application DoS: SecTor Conference Talk

rhuber    October 14, 2013

I was recently invited to speak at one of my favorite security conferences, SecTor in Toronto. Many thanks to Risk I/O for giving me some official time to work on this side project over the last month (side note: we are hiring!). This blog post will summarize my SecTor presentation on application Denial of Service attacks. Application DoS has seen… Read more »

Open-Source Security Contributions

Mike    May 23, 2013

Today, I want to write a followup to my previous post about open sourcing security. Specifically, it focused on a TED Talk describing an amazing experiment in which a recently diagnosed Mr. Iaconesi had open sourced his medical records in an attempt to decipher his condition using the greater good of the open-source community. Obviously, cancer and security in the technology… Read more »