Category Archives: Uncategorized

Introducing Easy, Accessible, Relevant 0-Day Data — via Exodus

Greg Howard    February 7, 2017

We’re thrilled to announce the go-live of our partnership with Exodus, giving us the ability to offer our customers premium access to 0-day data. Many of our customers have sophisticated vulnerability management programs, and they care a great deal about fortifying their efforts with zero-day intelligence. However, zero-day information is extraordinarily difficult to integrate with internal assets and meta data,… Read more »

New Zero-Day Exploit Intelligence – Introducing Exodus

Greg Howard    August 1, 2016

One of Kenna’s primary differentiators is its use of external exploit intelligence. It’s that real-time context, informed by Kenna’s own proprietary, patented algorithm, which makes our customers’ vulnerability scan data tell a story. We’re able to provide a “headline news” of what’s happening in our customer’s environments and what threats they need to remediate quickly. (And by the way, when… Read more »

The 2016 DBIR

Karim Toubba    May 11, 2016

This month Kenna Security participated in the Verizon data breach report, and for the second year running we used our data to drive the perspective of the vulnerability section. Since then there have been some questions and criticisms of a specific subset of the data referenced in a footnote in the vulnerability section – namely the top 10 vulnerability list…. Read more »

Enhanced Reporting Capabilities in Kenna: It’s All About Risk

Greg Howard    March 9, 2016

We’re thrilled to announce our new reporting capabilities today. Kenna has always been an unparalleled platform for vulnerability prioritization–enabling security teams to identify their most critical vulnerabilities and take the right actions to help remediate them. But with the introduction of our new reports, Kenna becomes something else: a security analytics platform that helps organizations measure, monitor, and track their… Read more »

Reporting on Risk: One Metric to Bind Them All

Ed Bellis    January 11, 2016

In my previous post, I discussed ways that organizations have typically reported on risk: namely, talking about the number of closed vulnerabilities. I discussed how most stakeholders (and particularly non-technical executives) can’t make heads nor tails out of that kind of reporting. So what’s the best way to truly report on risk? Your first step is to understand the criticality… Read more »

A Holiday Poem about…Vulnerability Management?

Greg Howard    December 11, 2015

We sent out a little poem to our customers, and we thought you might want to see it. Any resemblance to widely known holiday poems, either living or dead, is entirely coincidental. t’s almost year end, and you must understand Security pros everywhere are tired of their scans We’re talking Qualys, Nessus —Rapid7 too— Producing too much data and making… Read more »

New Kenna Research: The Remediation Gap

Greg Howard    October 12, 2015

Following on our work in this year’s Verizon Data Breach Information Report, Kenna recently published a kind of sequel: “The Remediation Gap: Why Companies Are Losing the Battle Against Non-targeted Attacks.” Authored by our chief data scientist Michael Roytman, the report examined the proliferation of non-targeted attacks and companies’ ability to counter these threats through quick remediation. Kenna analyzed 50,000… Read more »