Category Archives: Uncategorized

Equifax Lessons: Risk Hunting at Scale

Michael Roytman    September 15, 2017

This past week has seen another high profile breach in the news, one of the largest ever, and apparently the result of a known vulnerability.  Looking back at our analysis of the WannaCry attacks, we examined what we could  learn about prioritization from our 1 billion vulnerabilities under management. Out of those billion vulnerabilities, 259,451,953 were CVSS score of 9… Read more »

Treating the Root Cause: Security in Healthcare

Michael Roytman    August 29, 2017

Treating the Root Cause: Security in Healthcare Security is healthcare, and it’s apparent even in the language we use to describe malicious software. Viruses, worms and the like have long been examples of malware so-called because they propagate as disease, but more relevantly to us – they are also treated as such. Symptomatic treatment is any medical therapy of a… Read more »

August 24th – Kenna Platform Demo

Chloe Messdaghi    August 15, 2017

Wish you weren’t overwhelmed by a metric ton of vulnerabilities? Wish you had a better way to understand your company’s exposure to risk? In 30 minutes, discover how the Kenna platform grants those wishes, and more. During the demo, we will cover: How Kenna’s algorithm works to correlate scan data with real-world exploit intelligence How to get started with a Kenna… Read more »

Introducing Easy, Accessible, Relevant 0-Day Data — via Exodus

Greg Howard    February 7, 2017

We’re thrilled to announce the go-live of our partnership with Exodus, giving us the ability to offer our customers premium access to 0-day data. Many of our customers have sophisticated vulnerability management programs, and they care a great deal about fortifying their efforts with zero-day intelligence. However, zero-day information is extraordinarily difficult to integrate with internal assets and meta data,… Read more »

New Zero-Day Exploit Intelligence – Introducing Exodus

Greg Howard    August 1, 2016

One of Kenna’s primary differentiators is its use of external exploit intelligence. It’s that real-time context, informed by Kenna’s own proprietary, patented algorithm, which makes our customers’ vulnerability scan data tell a story. We’re able to provide a “headline news” of what’s happening in our customer’s environments and what threats they need to remediate quickly. (And by the way, when… Read more »

The 2016 DBIR

Karim Toubba    May 11, 2016

This month Kenna Security participated in the Verizon data breach report, and for the second year running we used our data to drive the perspective of the vulnerability section. Since then there have been some questions and criticisms of a specific subset of the data referenced in a footnote in the vulnerability section – namely the top 10 vulnerability list…. Read more »

Enhanced Reporting Capabilities in Kenna: It’s All About Risk

Greg Howard    March 9, 2016

We’re thrilled to announce our new reporting capabilities today. Kenna has always been an unparalleled platform for vulnerability prioritization–enabling security teams to identify their most critical vulnerabilities and take the right actions to help remediate them. But with the introduction of our new reports, Kenna becomes something else: a security analytics platform that helps organizations measure, monitor, and track their… Read more »

Reporting on Risk: One Metric to Bind Them All

Ed Bellis    January 11, 2016

In my previous post, I discussed ways that organizations have typically reported on risk: namely, talking about the number of closed vulnerabilities. I discussed how most stakeholders (and particularly non-technical executives) can’t make heads nor tails out of that kind of reporting. So what’s the best way to truly report on risk? Your first step is to understand the criticality… Read more »