Blog – Kenna Security

Vulnerability Management & Risk Intelligence

  • [Video] Turning Data Science Into Security Decisions

    [Video] Turning Data Science Into Security Decisions

    What do I work on today? In security that’s the only question that matters.  Find out from the source, the Kenna employees who work on it, how Kenna’s data science algorithms ingest, aggregate,...

    Read Article
  • One-fifth of the most-used Docker containers have at least one critical vulnerability

    One-fifth of the most-used Docker containers have at least one critical vulnerability

    When CVE-2019-5021 was released on May 8, it made me wonder how widespread the issue of vulnerabilities in popular containers is. Businesses have increasingly come to rely on containers as an...

    Read Article
  • Make Your Vulnerability Management Efforts Count

    Make Your Vulnerability Management Efforts Count

    Enterprises of all sizes are inundated with more vulnerabilities than their teams can ever hope to remediate, so they need a way to prioritize which to fix first. Unfortunately, most use the...

    Read Article
  • The Summer Reading List

    The Summer Reading List

    You love reading, we love reading. That’s why this summer Kenna Security is sharing with you a list of titles our research team have read, are reading, or look forward to reading this summer. The...

    Read Article
  • [Video] Using Data Science to Simplify Cybersecurity

    Security is at the forefront of everybody’s mind. You walk through the airport, you see cybersecurity. You install apps on your phone because you’re not secure. It’s sort of in everyone’s face....

    Read Article
  • The New Application Attack Surface

    The New Application Attack Surface

    This post comes as a result of a conversation between Tyler Shields, VP Strategy of Sonatype and myself.   The way we create, deploy and operate applications has changed in the last few years....

    Read Article
  • Nearly 20% of the 1000 Most Popular Docker Containers Have No Root Password

    Nearly 20% of the 1000 Most Popular Docker Containers Have No Root Password

    Earlier this month, Talos released research showing that the Alpine Linux docker images were shipping with no (or nulled) root passwords. Alpine patched the docker files, and issued their response...

    Read Article
  • Predicting CVE-2019-0708

    Predicting CVE-2019-0708

    UPDATE 20190604: The NSA is now urging organizations to patch. UPDATE 20190604: Notice of a functional, private MSF module posted by @zerosum0x0 to Twitter. UPDATE 20190603: Additional exposure...

    Read Article
  • Gaining Visibility in an AppSec World

    Gaining Visibility in an AppSec World

    It’s no secret that application security professionals face an uphill battle as they attempt to influence development teams to remediate critical application vulnerabilities. But why is it such a...

    Read Article
  • Get Ahead of Zero-Day Vulnerabilities With Kenna Security + Exodus Intelligence

    Get Ahead of Zero-Day Vulnerabilities With Kenna Security + Exodus Intelligence

    Zero-days vulnerabilities are unknown vulnerabilities. The exact definition is that they are vulnerabilities that have not been released to the public. The problem is that attackers may discover...

    Read Article
  • “New-School” Vulnerability Management vs. Old-School Vulnerability Management: A 7 Round Smackdown

    “New-School” Vulnerability Management vs. Old-School Vulnerability Management: A 7 Round Smackdown

    I’ve been talking about the benefits of adopting a risk-based approach to vulnerability management (VM) for some time now. Since Jeff Heuer and I founded Kenna Security, in fact. For those of you...

    Read Article
  • Learn How to Build a World-Class Application Security Program

    Learn How to Build a World-Class Application Security Program

    Despite the growing importance of application security in organizations of all sizes, most face an increasing number of challenges to implement a strong application security program. Custom code,...

    Read Article
  • Genpact Steps Off the Vulnerability Management Treadmill

    Genpact Steps Off the Vulnerability Management Treadmill

    John Morin, Customer Success Manager, Kenna Security Let’s face it, vulnerability management is challenging. Larger companies can have tens of thousands of assets and millions of vulnerabilities....

    Read Article
  • Kenna Security Makes Noise at RSAC

    Kenna Security Makes Noise at RSAC

    Last week, more than 40,000 security professionals packed the relatively small city of San Francisco for the annual RSA Conference (RSAC). As the largest security conference in the world, RSAC...

    Read Article
  • Don’t Stop Me Now: The Race to Remediation Is On

    Don’t Stop Me Now: The Race to Remediation Is On

    “That’s why they call me Mr. Fahrenheit, cause I’m patching at the speed of light!” – Freddie Mercury(ish). Over the past several months, my team and I have worked with the Cyentia Institute to...

    Read Article
  • One Hacker’s Guide to the Week of RSAC 2019

    One Hacker’s Guide to the Week of RSAC 2019

    Next week, starting on March 3rd, I will be in the Bay Area for both BSides SF and RSA Conference (RSAC) 2019. As a security professional (and a hacker, the good kind) working for a security...

    Read Article
  • Comprehensive Application Security Requires Open Source Vulnerability Detection

    Comprehensive Application Security Requires Open Source Vulnerability Detection

    Modern application security programs have unique requirements based on the complexity of the applications, themselves. Apps are comprised of multiple components, including runtime libraries,...

    Read Article
  • CUSTOMER BLOG: Share your opinion and support the Chicago Tech Academy!

    CUSTOMER BLOG: Share your opinion and support the Chicago Tech Academy!

    With one of our main offices in the Chicago area, the West Loop to be specific, we’re a big fan of local Chicago initiatives, especially relating to education. Our engineering teams have hosted...

    Read Article
  • From the Desk of the CEO: Looking Back to Look Forward

    From the Desk of the CEO: Looking Back to Look Forward

    With our employee all-hands and sales kickoff event just behind us and RSAC coming in early March, I wanted to take a moment to reflect on what I’ve seen, what I’m thankful for in my time here at...

    Read Article
  • Power to the Partner!

    Power to the Partner!

    Just a few weeks ago I headed off to Chicago—yes, into the polar vortex—to join my colleagues and friends at our yearly all-hands and sales kickoff for a week of learning, planning, celebrating....

    Read Article
  • loading
    Loading More...