The Prioritization to Prediction Report Series
An ongoing research initiative between Kenna Security and the Cyentia Institute
The following research was commissioned by Kenna Security. Kenna collected and provided the remediation datasets to the Cyentia Institute for independent analysis and drafting of the reports. The Cyentia Institute seeks to advance cybersecurity knowledge and practice through data-driven research. They curate knowledge for the community and partner with vendors to create analytical reports like the following in order to help enterprises gain insight from their data.
Prioritization to Prediction Volume 1
Analyzing Vulnerability Remediation Strategies
Effective remediation depends on quickly determining which vulnerabilities warrant action and which of those have highest priority, but prioritization remains one of the biggest challenges in vulnerability management.
Prioritization to Prediction Volume 2
Getting Real About Remediation
Research from Kenna Security, in collaboration with the Cyentia Institute, takes a rare look at the vulnerability management strategies of leading enterprises, revealing how organizations are ignoring the majority of vulnerabilities while still improving security.
Prioritization to Prediction Volume 3
Winning the Remediation Race
Are security and IT teams forever destined to play a game of vulnerability whack-a-mole in their efforts to defend their organization against an increasingly complex cybersecurity landscape? How is progress measured? What does winning look like?
Prioritization to Prediction Volume 4
Measuring What Matters in Remediation
Prioritization to Prediction, Volume 4: Measuring What Matters in Remediation, combines qualitative survey data on enterprise vulnerability management practices with quantitative measures of actual remediation performance to reveal the business factors that contribute to high-performing vulnerability management programs.
Prioritization to Prediction Volume 5
In Search of Assets at Risk
The fifth volume of the Prioritization to Prediction series produced in conjunction with the Cyentia Institute explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities: through the lens of common asset platforms.
Prioritization to Prediction Volume 6
The Attacker-Defender Divide
The sixth volume of the Prioritization to Prediction series explores the lifecycle of 473 vulnerabilities with evidence of exploitation in the wild. Learn what really happens after a vulnerability is discovered. This report reveals surprising insight into when and where attackers and defenders have (and trade) momentum, the effectiveness of responsible vulnerability disclosure and exploit development, and much more.
Prioritization to Prediction Volume 7
Establishing Defender Advantage
The seventh volume of the Prioritization to Prediction series explores whether exploit code releases help or harm defenders. Over 6 billion vulnerabilities affecting 13 million active assets across nearly 500 organizations were analyzed to produce this latest report