Kenna Security is now part of Cisco


Author Bio

Ed Bellis
Chief Technology Officer, Co-founder
Some call him the father of risk-based vulnerability management. Everyone else just calls him Ed. He’s got thoughts about RBVM. Deep thoughts. He shares them here.

WHAT HE REALLY DOES: Ed herds a team of very smart cats who do the security research and data science that helps you keep the bad guys at bay.


WHY READ HIS BLOG: When he headed security for Orbitz, Ed realized that staying ahead of the next threat would be impossible without the ability to know which vulns pose the greatest risk to your enterprise. He applies that same kind of vision to his blogs.


ODD FACT: Related to both Major and Minor League Baseball players, yet oddly uncoordinated himself.

Read My Posts

A CISO’s Guide to Making Vulnerability Management Matter to Your Board (Part 2)

This is Part 2 of our CISO’s guide blog series. Part 1 discusses communicating cyber risk to the board. It’s a rare board member who gets really excited about vulnerability management. The topic of assessing your host, network, and application vulnerabilities and strategies to remediate them is likely to cause most directors to look for…


Buy vs. Build? 5 Considerations for Vulnerability Management 

Earlier this summer, Gartner predicted growth of IT spending will reach $4.2 trillion by the end of 2021, trumping 2020’s annual spend by almost 9%. Spending on cloud computing and other tech services is forecasted to reach almost $1.2 trillion by the end of the year. With skyrocketing IT initiatives and digitization, leaders everywhere are…


A CISO’s Guide to Communicating Cyber Risk to the Board (Part 1)

When I ran security at Orbitz, reporting on risk was always a challenge. My team wanted to ensure that we had a clear way to paint a picture of the organization’s exposure to risk—as well as describe the actions we had taken, month by month, in order to reduce that risk. But frankly, we weren’t…


How a Private Dust-Up Over Publicizing Exploits Became Very Public

A recent article in The Washington Post brought to the public eye an issue most non-Security folks have probably never thought about. It centers on a Jan. 11 press announcement from BitDefender, a Romanian cybersecurity firm that published a free tool designed to help victims of DarkSide ransomware attacks decrypt data locked up by the…


5 Security Trends to Keep on Your Radar Right Now

As we approach the second half of 2021, more and more companies are finding their footing and settling into a new normal in a post-pandemic world. The operational upsets last year’s global pandemic introduced, including and especially remote work, have settled into a somewhat steady state. This has many business and security leaders looking ahead…


New Research Settles A Very Old Debate in Cybersecurity

Today, we’ve released the seventh edition of our joint research series, “Prioritization to Prediction,” and it contains a potentially surprising new finding: A common practice in cybersecurity does more harm than good. The analysis, conducted by the researchers at Cyentia Institute, found that when security researchers disclose exploit code to the public before a software…


© 2021 Kenna Security. All Rights Reserved.