Kenna Security is now part of Cisco

|Learn more

Nmap + Risk I/O = Peanut Butter + Chocolate

Sep 3, 2013
Ed Bellis
Chief Technology Officer, Co-founder

Share with Your Network

No, I’m not speaking of a fancy new risk formula, but rather about one of our most popular integrations: Nmap.

Nmap can be a pretty powerful tool for asset discovery and figuring out what services and ports are open across your network. It can also be a great way to find configuration issues that could result in security weaknesses for your environment. By combining Nmap with NSE scripts you can even pull Common Vulnerabilities and Exposures (CVE) in some cases.


Adding data from vulnerability scanners can make for a more complete picture and help factor in to remediation decisions. This is where Risk I/O plays a starring role. Combine this with some news ways to slice-and-view the data within our asset tab to get that holistic view of your network. You can now filter your assets by Service Ports, Service Names, Protocols and Products among other things. Want to see where telnet might be exposed in your DMZ or understand where you might be running a prohibited service? It’s as simple as a single checkbox in Risk I/O.

While filtering can make issues easy to find, there are also side benefits to this. For example, we learned many of our customers in the Energy sector are using this as part of their compliance efforts with their NERC CIP ports and services requirement (PDF). By identifying those through these easy-to-use filters and saving that as a saved search, they have a single click to provide the necessary documentation to their auditors or identify any prohibited services. I’ve included a very brief video below on doing just that.

If you’re already a Risk I/O customer, give the new facets in the asset tab a try. I’d love to hear about any use cases you may have. If you’re not currently a customer, you can sign up for free and give it a spin.

Read the Latest Content

Research Reports

Prioritization to Prediction Volume 5: In Search of Assets at Risk

The fifth volume of the P2P series explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities.

5 Things Every CIO Should Know About Vulnerability Management

If you view vulnerability management (VM) as just a small part of your operation, it might be time to take another look.  Managing vulnerabilities is...



Get Started Using the Exploit Prediction Scoring System (EPSS).

Cyentia Institute’s Chief Data Scientist and Founder Jay Jacobs gives tips on how to get started using the Exploit Prediction Scoring System (EPSS). You...

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.