Kenna Security is now part of Cisco

|Learn more

A Conference By Any Other Name

May 14, 2013
Ed Bellis
Chief Technology Officer, Co-founder

Share with Your Network

Last week I had the opportunity to present at the Best Practices for Technology Symposium. I have to be honest, I’ve never heard of this event and given the name it’s easily missed. In fact, given my recent poston “best practices” and vanity metrics I would have likely avoided an event with such a name. But that would have been a mistake.

Gene Kim introduced me to Fred Palmer who runs this event which is why I seriously considered it. It turns out it’s nothing like what I thought but rather more than two days of emerging technology companies presenting some of their latest tech. I only wish I knew about this event earlier and I wish that I’d known the format was so open. It’s refreshing to hear an audience that actually wants to talk about whether or not the solution you’re pitching works for them rather than the thinly veiled sales pitch cloaked as thought leadership. Having been a practitioner the majority of my career, I think this format is sorely needed. Fred has done a great job bringing together interesting security technologies and providing open and honest feedback. Much like IANS, it has a great workshop format in an informal setting.

One question during the workshop really resonated with me:

Do you think organizations know what’s important to them?

Of course, the sad truth is “it depends.” We were talking about creating a platform like Risk I/O that was created with flexibility in mind. This allows users to slice the data into views that are important to them in order to get better and faster insight. But this is a valid question. What if the organization isn’t sure where to start or what should be important to them? We like to think our priority and trending along with the Heads Up Display are a great start but we will continue to help our customers by flagging and alerting on issues we see as important while maintaining transparency and flexibility. These go well beyond the standard CVSS calculators and take into account real in-the-wild information.

A common question we get is “What are the metrics others are using to measure themselves against?” We will continue to share important metrics to help teams jump-start their programs. It’s great to see practitioners getting together and sharing information that will benefit and raise the bar, and we’ll continue on our mission in helping you gain visibility into what’s important.

Read the Latest Content

Research Reports

Prioritization to Prediction Volume 5: In Search of Assets at Risk

The fifth volume of the P2P series explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities.

5 Things Every CIO Should Know About Vulnerability Management

If you view vulnerability management (VM) as just a small part of your operation, it might be time to take another look.  Managing vulnerabilities is...



Get Started Using the Exploit Prediction Scoring System (EPSS).

Cyentia Institute’s Chief Data Scientist and Founder Jay Jacobs gives tips on how to get started using the Exploit Prediction Scoring System (EPSS). You...

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.