Tag Archives: risk i/o

Mitigating Application DoS: SecTor Conference Talk

rhuber    October 14, 2013

I was recently invited to speak at one of my favorite security conferences, SecTor in Toronto. Many thanks to Risk I/O for giving me some official time to work on this side project over the last month (side note: we are hiring!). This blog post will summarize my SecTor presentation on application Denial of Service attacks. Application DoS has seen… Read more »

Introducing the Risk Meter

Ed Bellis    October 8, 2013

You may have noticed we’ve been publishing a lot of information lately on what factors go into the likelihood of a successful exploit. Our presentation at BSidesLV and subsequent events touched on some of the work we’ve been doing based on our processing of over a million successful breaches we have observed across the internet. While this data continues to… Read more »

Development in the Cloud, or Cumulus Capable Clowders of Cats

jro    September 10, 2013

An old colleague of mine likened managing engineers to herding cats. I’m not so sure about herding engineers, but managing development environments quickly becomes an exercise in organizing chaos. Every engineer has different needs and a different way of doing things. During a recent data-center migration we moved all of our development environments to the AWS Cloud. Since it turned out to be one… Read more »

Nmap + Risk I/O = Peanut Butter + Chocolate

Ed Bellis    September 3, 2013

No, I’m not speaking of a fancy new risk formula, but rather about one of our most popular integrations: Nmap. Nmap can be a pretty powerful tool for asset discovery and figuring out what services and ports are open across your network. It can also be a great way to find configuration issues that could result in security weaknesses for your… Read more »

Register for the Risk I/O Webinar!

Andrea Bailiff-Gush    February 19, 2013

Risk I/O would like to invite you to see our vulnerability intelligence tool in action on Friday, February 22 at 11:00AM PT/ 2:00PM ET. Led by Risk I/O CEO, Ed Bellis, this webinar will provide an overview and demo of Risk I/O. Learn how with Risk I/O you can: Quickly find critical security issues through our Heads Up Display. Identify remediation that… Read more »

The Real Value of Precognition

guest blogger    December 19, 2012

Vulnerability precognition is an interesting concept, but it leads to interesting and valuable threat mitigations. Rather than relying on some mystical ability to see events before they occur—the more usual meaning for “precognition”—vulnerability precognition arises from an assessment technique known as predictive analytics. It’s worth unpacking and exploring this terminology to get a sense not just for its meaning, but… Read more »

Crowdsourcing Vulnerability Intelligence

guest blogger    December 6, 2012

This is the first post in our guest blogging series. If you are interested in writing for Risk I/O, visit our Guest Blogging page for more information. Strictly speaking, crowdsourcing refers to a model for problem solving that depends on turning requests for information, service, or even ideas over to an unknown but reachable group of potential participants to seek… Read more »

Introducing RiskDB

jheuer    December 4, 2012

Today we’re launching RiskDB, a free, centralized, and open repository of vulnerabilities sourced from public databases. It provides up-to-the-minute information on security-related software flaws, misconfigurations, and threat advisories. We think RiskDB will be one of the easiest ways to stay on top of vulnerabilities relevant to the infrastructure you’re responsible for. For a quick search, just enter your query in the… Read more »

Achievement Unlocked: Venture Funding

Ed Bellis    November 13, 2012

Today we’re really excited to announce our latest round of funding and welcome our newest investors to the Risk I/O team. Our new investors include U.S. Venture Partners and Costanoa Venture Capital and I am thrilled to be working directly with Jacques Benkoski, our newest board member, as well as Greg Sands. We also had great participation and validation from our existing investors… Read more »

Another Week, Another Integration: Retina meet Risk I/O

Andrea Bailiff-Gush    May 30, 2012

We’re beginning to sound a bit like a broken record, but yes, this week we launched another out-of-the-box integration with Risk I/O. Our goal has always been to build a complete vulnerability management platform that works with the tools you’re already using. That’s why we’ve added eEye Digital Security’s Retina Network Security Scanner to our arsenal of integrations. As a connector, you can… Read more »