Tag Archives: metrics

Stop Fixing All The Things – Our BSidesLV Talk

Michael Roytman    August 6, 2013

Last week at BSidesLV, Ed Bellis and I presented our view on how vulnerability statistics should be done. We think it’s a different and useful approach to vulnerability assessments. Our contention is that the definitions of vulnerabilities in NVD and OSVDB are just that – definitions. As security practitioners, we care about which vulnerabilities matter. Much like looking at a… Read more »

Metricon 8 From Outside the Establishment: Size Does(n’t?) Matter.

Michael Roytman    March 8, 2013

This was my first time attending RSA, and on top of that I am fairly new to the Security industry. If RSA were a Senate race, I would be Ashley Judd. I am not, however, new to statistics. The following is an outsider’s perspective on Metricon, one without any preconceptions of the space. Spoiler: to be more secure as an… Read more »

Introducing….Benchmarking!

Ed Bellis    September 19, 2011

We have made some new and important additions to our Risk I/O dashboard recently. In addition to “out of the box” vulnerability metrics, we have begun the rollout of our benchmarking tab. This tab allows you to compare your metrics and statistics against your peers across the industry in order to gauge your overall vulnerability management performance. We have started… Read more »

Our Need For Security Intelligence

Ed Bellis    May 3, 2011

Note: This post is an archive and was originally posted on CSO Online. I will be posting a follow up to this with additional ways to use data and intelligence tools to help make security decisions. No I am not speaking of military intelligence, but rather, business intelligence within a security context. Business intelligence and decision support systems have now… Read more »