Kenna Security is now part of Cisco

|Learn more
Contact Us
Talk to an Expert
Request a demo

Research Reports

Cutting-edge research on vulnerability management.

P2P Volume 5: In Search of Assets at Risk

The fifth volume of the Prioritization to Prediction series produced in conjunction with the Cyentia Institute explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities: through the lens of common asset platforms.
Download Now
Cybersecurity Best Practices

How Not To Let Your Supply Chain Leave You Vulnerable

“There are only two types of companies,” observes Cisco’s Gee Rittenhouse in a recent blog. “Those that know they’ve been compromised, and those that don’t.” I’d argue it’s a (very) worthy pursuit to figure out which type of company yours is. But it may be just as important to make the same determination about the companies…


Rules of Engagement for Successful Vendor-CISO Partnerships Part 2: The Don’ts

This is the second in our blog series detailing what vendors should avoid at all costs on the way to helping cyber leaders evolve their security maturity across their organizations with modern vulnerability management.  If you didn’t see it, check out Part I, which details what vendors should embrace on the road to establishing a…


Cisco SecureX + Kenna Security: Bringing Simplicity to You 

Today’s reality is that cybersecurity is a complex challenge, and unfortunately a lot of cybersecurity solutions can be just as complex.   What’s needed is a way to make security operations simple, automated, and democratized. So, no matter the complexity of your IT environment, and no matter how many threats may be targeting your organization, protecting it shouldn’t be riddled…

Vulnerability Management

Vulnerability Scores and Risk Scores: What You Need to Know

In cybersecurity, a vulnerability score is a generic ranking assigned to any given vulnerability that conveys the relative urgency of that vulnerability. A risk score measures everything a vulnerability score does, but also provides more context than a vulnerability score by gauging the relative risk that a given vulnerability poses to a specific organization.  Both…

Trending Vulns

September Vuln of the Month: CVE-2021-28640

September’s Vuln of the Month is a vulnerability involving a favorite target of hackers: Adobe Reader software. So on this Exploit Wednesday, we’re spotlighting CVE-2021-28640, a Use After Free vulnerability affecting all known versions of Acrobat Reader DC. Our research shows that CVE-2021-28640 meets many of the criteria we look for to be widely exploited,…

Risk-Based Vulnerability Management

A CISO’s Guide to Making Vulnerability Management Matter to Your Board (Part 2)

This is Part 2 of our CISO’s guide blog series. Part 1 discusses communicating cyber risk to the board.  It’s a rare board member who gets really excited about vulnerability management. The topic of assessing your host, network, and application vulnerabilities and strategies to remediate them is likely to cause most directors to look for…


How to Implement Risk-Based Vulnerability Management Now: A Practical Guide

Download the guide and discover why traditional ways of vulnerability management no longer work and how focusing on risk is the key to remediating the vulnerabilities that matter most.

Vulnerability Management

Buy vs. Build? 5 Considerations for Vulnerability Management 

Earlier this summer, Gartner predicted growth of IT spending will reach $4.2 trillion by the end of 2021, trumping 2020’s annual spend by almost 9%. Spending on cloud computing and other tech services is forecasted to reach almost $1.2 trillion by the end of the year.  With skyrocketing IT initiatives and digitization, leaders everywhere are…


Hybrid workplaces don’t have to be two-tier workplaces

Workplaces everywhere continue to be disrupted by the ongoing pandemic as companies make decisions about their off- and on-premise workforce. As the COVID-19 delta variant spawns a second wave of infections across the globe, major employers like Apple and Amazon are once again delaying their return to the office. Meanwhile, companies like Google are straddling…

Company News

Kenna Katalyst is Back! You Should Join Us 

We’re excited to reignite Kenna Katalyst — a series of live, groundbreaking risk-based vulnerability management workshops that offer security leaders a high-value opportunity to gain the knowledge they need to lower cyber risk with significantly less effort.   Join us in Dallas, Atlanta, or Chicago for one of our three-hour tutorials born from the inherent gap existing between our IT and Security teams. Our small, intimate interactive workshops are ideal for security professionals looking to take vulnerability management to the next…


Rules of Engagement for Successful Vendor-CISO Partnerships Part I: The Do’s 

This first installment of a two-part series addresses what vendors should do to create strong CISO partnerships. No two CISOs are alike, even if they hail from the same industry or similar-sized companies. So, figuring out how to keep up with the evolving demands of today’s cyber-focused decision-maker is a must for solution providers to…


Understanding the 8 Riskiest Classes of Vulnerabilities 

With more than a decade of risk prioritization and real-world observation, we at Kenna Security have seen some pretty scary vulnerabilities. Over time, patterns start to appear and we’ve been able to pinpoint the top repeat offenders. To ready yourself (and your vulnerability management program) to face the worst of the worst head on, you have to know what you’re dealing with first.   Join us as we discuss what makes a vulnerability truly dangerous and take a deep dive…

Kenna API

Automating Connector Runs

Automation is the one of the keys to a successful DevOps department. There are many workflow engines, like the one in Cisco’s SecureX. This blog discusses one way to automate launching connector runs. Why automate connector runs? One reason is because you will have vulnerability risk information at the same time each day. This provides…


© 2021 Kenna Security. All Rights Reserved. Privacy Policy.