Resource Center
Kenna Resources. Learn cutting-edge practices and know-how from experts in information security.
Reporting on Risk to the Board: A CISO’s Approach
What’s the right metric to use when reporting on your team’s ability to reduce exposure to risk?
How the Rise in Non-Targeted Attacks Has Widened the Remediation Gap
Exclusive report: Find out why InfoSec teams are under the gun to keep up with the increased cadence of non-targeted attacks—and what they can do about them.
CVSS Under Fire
Watch this recording to evaluate existing prioritization models, and learn how you can build a predictive, data-driven prioritization model within your organization.
Common Vulnerability Management Mistakes to Avoid
Learn best practices for vulnerability management success through common mistakes. Support your Infosec team who have to do a lot with a little.
Understanding Asset Risk Via Vulnerability Prioritization
Take a look at this presentation to evaluate your organization’s existing method for prioritizing vulnerabilities.
Who Watches the Watchers? Metrics for Security Strategy
Security metrics are the performance of information security professionals, traditionally centered around irrelevant data-points. Learn how to evaluate you are using the right metrics.
Vulnerability Scanner Checklist
Learn best practices for selecting a vulnerability scanning solution. Compare scanners such as Qualys, Rapid7 Nexpose and Tenable Nessus.
Vulnerability Management Nirvana
Take a look at this presentation to evaluate existing prioritization models, and learn how you can build a predictive, data-driven prioritization model within your organization.
Vulnerability Management for the Midsize
Read this research paper for tips on team management, the best tools, and the processes required to run a best-in-class vulnerability management program for your mid-sized company.
Attack & Network Behavior Analysis
Take a look at this presentation to learn key insights into what we can learn from the behavior of attackers, as well as tactics for staying on top of their tactics.
The Problem with Your Threat Intelligence
Read this research paper for tips on how to use your organization’s own threat intelligence to stay ahead of threats & attacks.
Security at the Speed of DevOps
Watch this recording to gain a better understanding of DevOps, how security can leverage DevOps as a defender, and how you can transform your role in their organization towards contributing to the mission of vulnerability management.
Five Secrets and Two Common “Gotchas” of Vulnerability Scanning
Read this research paper to learn best practices for working with vulnerability scanners that will dramatically improve your security posture.
If All Is Quiet, Are You Really Secure?
Take a look at this recording to learn key considerations that can help your organization create a successful zero-day defense program.
An “Intelligence” Approach to Vulnerability Risk Management
Take a look at this presentation to learn how to apply an “intelligence” approach to vulnerability risk management to your organization.
What Your Security Data Isn’t Telling You
Take a look at this video to learn alternatives for vulnerability prioritization and how we go about mining insights from our large dataset to prove CVSS wrong.
The Power Law of Information
Watch this short on-demand video to learn why averages should not be used in information security and why breaches are better described with The Power Law of Information.
Adopting A Real-Time, Data-Driven Security Practice
Read this research paper to find out more about the research performed and solutions available to adopt a data-driven approach for your security program.
What Your Mother Never Told You About Automating Security
This presentation examines the new strategies and challenges involved with automated security environment.
Less Is More: Behind the Data at Kenna
Take a look at this presentation to learn how following these data analysis best practices can yield massive cost savings to your organization.
Fix What Matters: CVSS Is Great, But It’s Not the Only Thing
Take a look at this presentation to learn how to fix the vulnerability that truly matter, and how to create and measure an effective security practice.
Vulnerability & Exploit Trends: A Deep Look Inside the Data
Take a look at this presentation to learn how others are remediating vulnerabilities, how effective their efforts are, and how they could do it a little bit better.