Evolving Vulnerability Management: Cisco Announces Intent to Acquire Kenna Security
Share with Your Network
Chances are that if you’re reading this, you have probably heard the incredible news that Cisco announced its intent to acquire Kenna Security. For additional detail, please read Cisco’s press release and blog about this news.
When I joined Kenna Security seven years ago, the industry was in what Ed Bellis would describe as the “Generate Really, Really Long Lists of Vulnerabilities” stage of vulnerability management (VM). Security would run their vuln scanners and then, dump a PDF with millions of vulnerabilities on thousands of systems off on IT’s desk. Maybe some of the more “advanced” companies were using CVSS or even a homebrewed scoring system to attempt some form of triage, with the limitations that come from utilizing risk scores without any context.
Our mission was to create a better way to do vulnerability management (VM). One that that could leverage the massive volumes of intelligence available, combined with the attributes of machine learning and data science, to help security and IT teams quickly make sense (and ultimately decisions) out of the massive volumes of data they already had. Our vision was to do this at scale, be data source agnostic and provide a full stack view of risk.
We knew this would require upending a stagnant VM market and forging a new category, ultimately known as Risk-Based Vulnerability Management (RBVM). We knew that once the market was ready for RBVM our customers would be the trailblazers; aligning around the shared vision of their entire organization working together to reduce cyber risk. And we knew that once we had demonstrated the results RBVM could achieve; we would change the way the entire world addresses vulnerability management.
RBVM is about to reach critical mass
Over the past decade, we have not only defined and created the RBVM category but also established Kenna as a clear leader which is a very rare accomplishment. And the best part is that our customers are demonstrably more secure as a result.
Now is our opportunity to change the industry: once the acquisition is is complete, we will be one step closer to delivering Kenna’s pioneering RBVM platform to the more than 7,000 customers using Cisco SecureX today. This single action exponentially increases the impact Kenna’s technology will have on the way the world secures networks, endpoints and infrastructures.
Joining Cisco, the world’s largest networking company and enterprise security leader, will extend our leadership position and enable us to build upon one of the most comprehensive security portfolios in the industry.
We did not do this alone
Cisco isn’t just excited about our groundbreaking data science, breakthrough risk prioritization and platform-agnostic integrations. The company knows it’s getting the best in the business, representing a strategic investment in talent as well as our vision for RBVM. Cisco believes Kenna is the horse to bet on in this high-growth space.
This is a testament to our trailblazing customers who dared to realize a vision where security and IT could align and rally around reducing their cyber risk.
It’s a testament to our partners who took the risk of including our solutions in their portfolios and the challenge of educating their customers on this new approach.
Finally, it’s a testament to the hard work of the Kenna team current and past. The personal and professional sacrifices they’ve made over the years, and the creativity and passion they’ve brought to the Kenna family.
The best is yet to come
Looking back, I am incredibly proud to see what we have built and am humbled to have been on this journey. And more than anything, I can’t wait to see what this new chapter brings and what Kenna and Cisco will build together.