Category Archives: Vulnerability Management

A Conference By Any Other Name

Ed Bellis    May 14, 2013

Last week I had the opportunity to present at the Best Practices for Technology Symposium. I have to be honest, I’ve never heard of this event and given the name it’s easily missed. In fact, given my recent post on “best practices” and vanity metrics I would have likely avoided an event with such a name. But that would have… Read more »

See Our New Features in Action!

Andrea Bailiff-Gush    April 9, 2013

As you may recall reading, our development team has been busy over the last few weeks rolling out new features that will make it even easier to manage and monitor your vulnerabilities.We want to invite you to join us on Wednesday, April 17th at 2:00PM ET for a webinar given by Risk I/O CEO, Ed Bellis. Ed will provide an overview of these… Read more »

Remediate…Like a Boss

Ed Bellis    March 12, 2013

The Risk I/O dev team has been developing features at a ridiculous pace with no signs of slowing down. We will be releasing a host of new functionality to our vulnerability intelligence platform over the weeks to come, so stay tuned. Our latest additions will help you identify patches that will reduce the most amount of risk across your environment… Read more »

The Role of Security Mapping in Vulnerability Management

guest blogger    February 7, 2013

Increasingly, security management organizations are coming to rely on a unique type of geography to recognize where threats and vulnerabilities are active, and where security exploits are occurring. The geography in question maps fairly closely to the physical map of the world. Because Internet links that connect sites and users to service providers are involved, along with prevailing local Internet… Read more »

Five Architectural Requirements for an Agile Vulnerability Intelligence Platform

admin    January 24, 2013

This is the third post in a three-part series on Agile Risk Intelligence. The complete Agile Risk Intelligence e-book is now available. With vulnerability scanners deployed across the stack and the organization, security managers are swimming in data, but struggling to make sense of it. As I blogged about previously, current approaches lack the context and global visibility to deliver meaningful insight…. Read more »

Heads Up! (Display)

Ed Bellis    January 22, 2013

I’m happy to share our latest enhancement to visualizing your vulnerability data. Today, we are launching a new Heads-Up Display (HUD): a “mini dashboard” if you will,  that allows you to visualize the current state of your vulnerabilities and defects. Our new Heads-Up Display shows a live presentation of your vulnerabilities. It provides up-to-the-minute information on aspects of your vulnerability… Read more »

Open-Source Cancer

Mike    November 29, 2012

If cancer can be open sourced, why can’t security? I’m a huge fan of TED Talks. The value I get out of watching them is unmatched by other series of media. One in particular has been on my mind a lot lately. You may have seen it mentioned on CNN: Salvatore Iaconesi is a 39-year-old TED fellow and the artist… Read more »

Validating Vulnerabilities with Metasploit

Ed Bellis    September 13, 2012

We recently added the ability to track publicly available exploits for any vulnerabilities discovered in your environment, regardless of how they were discovered. We viewed this as a step in the right direction and one of many factors that go into prioritizing remediation efforts. Our friend Mike Rothman over at Securosis took notice of this, both acknowledging the need while… Read more »

Hitting Above the Security Mendoza Line

Ed Bellis    August 14, 2012

Risk I/O can now be used to identify publicly available exploits to your existing vulnerabilities. Our development team has made it possible for Risk I/O to match attack vectors from databases of quality assured exploits, such as Metasploit and ExploitDB, to applicable vulnerabilities. This information, paired with vulnerability data from assessment tools, allows you to understand how your organization is… Read more »