Tag Archives: vulnerability management

To the Cloud, and Beyond!

Andrea Bailiff-Gush    July 20, 2011

We are pleased to announce our entry into the Rackspace Cloud Network! Our flagship product (which you learned in a recent blog post will soon be called Risk I/O ) now provides vulnerability management services to “Rackers” who store their data and run their applications in the Rackspace Cloud. According to Nisan Sivathasan, director of corporate development at Rackspace, the addition of… Read more »

The Vulnerability Arms Race

Ed Bellis    May 13, 2011

Note: This is a repost from my CSO Online blog. If you are working in an organization with any sizable technology infrastructure, it has probably become quite apparent that your vulnerability management program has a lot more “vulnerabilities” than “management”. I recently had an email exchange with Gene Kim, CTO at Tripwire, regarding this issue and he boiled it down… Read more »

Cover Your Assets

Ed Bellis    April 26, 2011

Here at HoneyApps, we are big proponents of leveraging data to help make decisions. We subscribe to the New School of Security and use both quantitative and qualitative information to aid in decision support. This also influences our product roadmap and feature set. This is why we’re happy to share with you our newest connector. As part of building out… Read more »

The Power of Conduit – Now Fortified with W3AF

Ed Bellis    April 7, 2011

Our worker bees have been banging away in the hive working on our latest connector. This morning they emerged with their latest work… the W3AF connector. W3AF, or the Web Application Attack & Audit Framework is an open source framework used for assessing web applications for security vulnerabilities and is fully extendable through it’s plug-in architecture. W3AF has discovery, audit,… Read more »

Let Me Introduce Our Newest Connector

Ed Bellis    January 27, 2011

World, if you haven’t already, please meet Netsparker, the latest “friend of the bee”. Netsparker is a web application security scanner from Mavituna Security and our laster connector integration. Netsparker is billed as a “false positive free” scanner through its confirmation / exploitation engine. Already using it today? Great! Now you can import all of your Netsparker results into Conduit… Read more »

Vulnerability Management As A Data Issue

admin    April 19, 2010

Organizations face a number of issues as part of their vulnerability management programs, not the least of which is data management. The problems security teams face managing and remediating their security defects has evolved over the past several years. Finding vulnerabilities is no longer the challenge. Mature security teams are looking at all of their assets layers including their applications, databases,… Read more »