Category Archives: Vulnerability Management

SIRAcon Attendees, Start Your Engines

Michael Roytman    October 25, 2013

“Information is the oil of the 21st century, and analytics is the combustion engine.” –  Peter Sondergaard, SVP Gartner This week I attended SIRAcon in Seattle, a conference hosted by the Society of Information Risk Analysts. I spoke about the methodology behind Risk I/O’s “fix what matters” approach to vulnerability management, and how we use live vulnerability and real-time breach data… Read more »

Introducing Quick Lists

Ed Bellis    July 24, 2013

As you may have read, the Risk I/O platform now correlates live Internet attack data with your vulnerabilities. As your vulnerabilities are processed, we append any vulnerability with additional data around attacks, threats, or exploits. Together, they help to identify where attacks are most likely to occur within your environment. With the addition of this data, Risk I/O is now… Read more »

Stop Putting Rocks in the Vault

rhuber    June 6, 2013

Imagine you are handed two items, a rock and a 400-troy-ounce bar of gold, and are tasked with protecting each from theft. You will spend more time considering how to secure the gold than the rock, because you know the underlying value of each. Context matters, yet vulnerability management systems often work under the assumption that all of your assets… Read more »

A Conference By Any Other Name

Ed Bellis    May 14, 2013

Last week I had the opportunity to present at the Best Practices for Technology Symposium. I have to be honest, I’ve never heard of this event and given the name it’s easily missed. In fact, given my recent post on “best practices” and vanity metrics I would have likely avoided an event with such a name. But that would have… Read more »

See Our New Features in Action!

Andrea Bailiff-Gush    April 9, 2013

As you may recall reading, our development team has been busy over the last few weeks rolling out new features that will make it even easier to manage and monitor your vulnerabilities.We want to invite you to join us on Wednesday, April 17th at 2:00PM ET for a webinar given by Risk I/O CEO, Ed Bellis. Ed will provide an overview of these… Read more »

Remediate…Like a Boss

Ed Bellis    March 12, 2013

The Risk I/O dev team has been developing features at a ridiculous pace with no signs of slowing down. We will be releasing a host of new functionality to our vulnerability intelligence platform over the weeks to come, so stay tuned. Our latest additions will help you identify patches that will reduce the most amount of risk across your environment… Read more »

The Role of Security Mapping in Vulnerability Management

guest blogger    February 7, 2013

Increasingly, security management organizations are coming to rely on a unique type of geography to recognize where threats and vulnerabilities are active, and where security exploits are occurring. The geography in question maps fairly closely to the physical map of the world. Because Internet links that connect sites and users to service providers are involved, along with prevailing local Internet… Read more »

Five Architectural Requirements for an Agile Vulnerability Intelligence Platform

admin    January 24, 2013

This is the third post in a three-part series on Agile Risk Intelligence. The complete Agile Risk Intelligence e-book is now available. With vulnerability scanners deployed across the stack and the organization, security managers are swimming in data, but struggling to make sense of it. As I blogged about previously, current approaches lack the context and global visibility to deliver meaningful insight…. Read more »

Heads Up! (Display)

Ed Bellis    January 22, 2013

I’m happy to share our latest enhancement to visualizing your vulnerability data. Today, we are launching a new Heads-Up Display (HUD): a “mini dashboard” if you will,  that allows you to visualize the current state of your vulnerabilities and defects. Our new Heads-Up Display shows a live presentation of your vulnerabilities. It provides up-to-the-minute information on aspects of your vulnerability… Read more »

Open-Source Cancer

Mike    November 29, 2012

If cancer can be open sourced, why can’t security? I’m a huge fan of TED Talks. The value I get out of watching them is unmatched by other series of media. One in particular has been on my mind a lot lately. You may have seen it mentioned on CNN: Salvatore Iaconesi is a 39-year-old TED fellow and the artist… Read more »