The Top 10 Risk I/O Blog Posts of 2012

Jan 8, 2013
Andrea Bailiff-Gush

Share with Your Network

It’s a new year! And I would guess it will probably be filled with new and interesting ideas on mining and visualizing data so we can all make better security decisions. In honor of another year having come and gone, we’re taking a look back at our top blog posts of 2012, so you can catch up on some of the information you might have missed throughout the year.

  1. Introducing RiskDB – Learn more about our new tool, RiskDB: a free, centralized, and open repository of vulnerabilities sourced from public databases. You’ll want to bookmark this site for reference.Risk I/O: Vulnerability Intelligence Platform
  2. The Scanner that Cried Wolf – Dealing with false positives during a vulnerability assessment is a fact of life. Learn how to decrease the amount of false positives that are produced by automated tools and how you can use our custom fields feature to overcome them.
  3. Security Intelligence != SIEM – We love taking part in industry-related conferences. Learn about our experience at Metricon 6.5, RSA and BSides conferences in San Francisco, and how these conferences challenged us to start thinking differently about Security Intelligence.
  4. You Keep Using that Word – This post describes several important security questions organizations should ask themselves and the best way to answer these.
  5. No More Traffic Signals – Here we break down the current state of vulnerability remediation and prioritization – tldr, it’s depressing.
  6. Hitting Above the Security Mendoza Line – All the industry buzzwords floating around target the dreaded APT but when we take a look at the data, it’s the basics that are being missed. Covering this across your environment may be harder than you think.
  7. Validating Vulnerabilities with Metasploit – Risk I/O’s integration with The Metasploit Project allows you to use the Metasploit database to detect even more critical issues in your network while validating mitigating controls.
  8. Open-Source Cancer – If a sensitive issue, such as cancer can be open sourced, then why can’t security? Risk I/O’s Mike Krisher weighs the benefits of open sourcing vulnerabilities in this blog post.
  9. The Real Value of Precognition – In this blog post, we discuss predictive analytics and its value to vulnerability management.
  10. Big Data, Better Security – Risk I/O’s Ryan Huber provides a recap on his recent Cloud Mafia presentation, which discusses how using big data can provide better security.

Read the Latest Content

Research Reports

Prioritization to Prediction Volume 5: In Search of Assets at Risk

The fifth volume of the P2P series explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities.

5 Things Every CIO Should Know About Vulnerability Management

If you view vulnerability management (VM) as just a small part of your operation, it might be time to take another look.  Managing vulnerabilities is...



Get Started Using the Exploit Prediction Scoring System (EPSS).

Cyentia Institute’s Chief Data Scientist and Founder Jay Jacobs gives tips on how to get started using the Exploit Prediction Scoring System (EPSS). You...

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.