�ݺ�ߣshows by User: Risk

�ݺ�ߣshows by User: Risk_IO / http://www.slideshare.net/images/logo.gif �ݺ�ߣshows by User: Risk_IO / Fri, 31 Jul 2015 17:54:16 GMT �ݺ�ߣShare feed for �ݺ�ߣshows by User: Risk_IO Understanding Asset Risk Via Vulnerability Prioritization /slideshow/understanding-asset-risk-via-vulnerability-prioritization/51150064 sirawebinar2015-150731175416-lva1-app6892
Security is a data problem. There are several data-related flaws seen in studies such as data fundamentalism and stochastic ignorance, but with attackers changing their tactics daily what really needs to be considered is adopting real-time data-driven security tactics. Cleaning your data for weaknesses regularly and considering ground truth are good practices, but there is more that can be done. In this presentation, Sr. Data Scientist Michael Roytman of Kenna analyzes strategies for vulnerability remediation, through his experience collecting 150M live vulnerabilities, 1.5M assets from 2k organizations. Specifically, his presentation includes tips for improving your data collection that can ward off attacks, including: - Explaining why we’re all doing remediation wrong - Analyzing better alternatives Take a look at this presentation to evaluate your organization’s existing method for prioritizing vulnerabilities, and learn how you can incorporate exploit data and live vulnerability data into your current model to achieve accurate prioritization.]]>
Security is a data problem. There are several data-related flaws seen in studies such as data fundamentalism and stochastic ignorance, but with attackers changing their tactics daily what really needs to be considered is adopting real-time data-driven security tactics. Cleaning your data for weaknesses regularly and considering ground truth are good practices, but there is more that can be done. In this presentation, Sr. Data Scientist Michael Roytman of Kenna analyzes strategies for vulnerability remediation, through his experience collecting 150M live vulnerabilities, 1.5M assets from 2k organizations. Specifically, his presentation includes tips for improving your data collection that can ward off attacks, including: - Explaining why we’re all doing remediation wrong - Analyzing better alternatives Take a look at this presentation to evaluate your organization’s existing method for prioritizing vulnerabilities, and learn how you can incorporate exploit data and live vulnerability data into your current model to achieve accurate prioritization.]]> Fri, 31 Jul 2015 17:54:16 GMT /slideshow/understanding-asset-risk-via-vulnerability-prioritization/51150064 Risk_IO@slideshare.net(Risk_IO) Understanding Asset Risk Via Vulnerability Prioritization Risk_IO Security is a data problem. There are several data-related flaws seen in studies such as data fundamentalism and stochastic ignorance, but with attackers changing their tactics daily what really needs to be considered is adopting real-time data-driven security tactics. Cleaning your data for weaknesses regularly and considering ground truth are good practices, but there is more that can be done. In this presentation, Sr. Data Scientist Michael Roytman of Kenna analyzes strategies for vulnerability remediation, through his experience collecting 150M live vulnerabilities, 1.5M assets from 2k organizations. Specifically, his presentation includes tips for improving your data collection that can ward off attacks, including: - Explaining why we’re all doing remediation wrong - Analyzing better alternatives Take a look at this presentation to evaluate your organization’s existing method for prioritizing vulnerabilities, and learn how you can incorporate exploit data and live vulnerability data into your current model to achieve accurate prioritization. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/sirawebinar2015-150731175416-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds" /><br> Security is a data problem. There are several data-related flaws seen in studies such as data fundamentalism and stochastic ignorance, but with attackers changing their tactics daily what really needs to be considered is adopting real-time data-driven security tactics. Cleaning your data for weaknesses regularly and considering ground truth are good practices, but there is more that can be done. In this presentation, Sr. Data Scientist Michael Roytman of Kenna analyzes strategies for vulnerability remediation, through his experience collecting 150M live vulnerabilities, 1.5M assets from 2k organizations. Specifically, his presentation includes tips for improving your data collection that can ward off attacks, including: - Explaining why we’re all doing remediation wrong - Analyzing better alternatives Take a look at this presentation to evaluate your organization’s existing method for prioritizing vulnerabilities, and learn how you can incorporate exploit data and live vulnerability data into your current model to achieve accurate prioritization.

Understanding Asset Risk Via Vulnerability Prioritization from Kenna

]]> 963 4 https://cdn.slidesharecdn.com/ss_thumbnails/sirawebinar2015-150731175416-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Who Watches the Watchers? Metrics for Security Strategy /Risk_IO/who-watches-the-watchers-se sourceboston2015-150731170207-lva1-app6891
Security metrics are often about the performance of information security professionals—traditional ones are centered around vulnerability close rates, timelines, or criticality ratings. But how does one measure if those metrics are the right ones? In this presentation, Sr. Data Scientist Michael Roytman at Kenna takes an indepth look at how to evaluate your security metrics program for risk reduction. Specifically, his presentation includes: - What makes a security metric, good - Applying your collected data towards building a successful security metrics program - Using security metrics to automate how you manage and monitor risk exposure Take a look at this presentation to evaluate your organization’s existing security metrics program, and learn how you can build a security metrics strategy that measures your overall impact to risk reduction.]]>
Security metrics are often about the performance of information security professionals—traditional ones are centered around vulnerability close rates, timelines, or criticality ratings. But how does one measure if those metrics are the right ones? In this presentation, Sr. Data Scientist Michael Roytman at Kenna takes an indepth look at how to evaluate your security metrics program for risk reduction. Specifically, his presentation includes: - What makes a security metric, good - Applying your collected data towards building a successful security metrics program - Using security metrics to automate how you manage and monitor risk exposure Take a look at this presentation to evaluate your organization’s existing security metrics program, and learn how you can build a security metrics strategy that measures your overall impact to risk reduction.]]> Fri, 31 Jul 2015 17:02:06 GMT /Risk_IO/who-watches-the-watchers-se Risk_IO@slideshare.net(Risk_IO) Who Watches the Watchers? Metrics for Security Strategy Risk_IO Security metrics are often about the performance of information security professionals—traditional ones are centered around vulnerability close rates, timelines, or criticality ratings. But how does one measure if those metrics are the right ones? In this presentation, Sr. Data Scientist Michael Roytman at Kenna takes an indepth look at how to evaluate your security metrics program for risk reduction. Specifically, his presentation includes: - What makes a security metric, good - Applying your collected data towards building a successful security metrics program - Using security metrics to automate how you manage and monitor risk exposure Take a look at this presentation to evaluate your organization’s existing security metrics program, and learn how you can build a security metrics strategy that measures your overall impact to risk reduction. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/sourceboston2015-150731170207-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds" /><br> Security metrics are often about the performance of information security professionals—traditional ones are centered around vulnerability close rates, timelines, or criticality ratings. But how does one measure if those metrics are the right ones? In this presentation, Sr. Data Scientist Michael Roytman at Kenna takes an indepth look at how to evaluate your security metrics program for risk reduction. Specifically, his presentation includes: - What makes a security metric, good - Applying your collected data towards building a successful security metrics program - Using security metrics to automate how you manage and monitor risk exposure Take a look at this presentation to evaluate your organization’s existing security metrics program, and learn how you can build a security metrics strategy that measures your overall impact to risk reduction.

Who Watches the Watchers? Metrics for Security Strategy from Kenna

]]> 562 7 https://cdn.slidesharecdn.com/ss_thumbnails/sourceboston2015-150731170207-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Vulnerability & Exploit Trends: A Deep Look Inside the Data /slideshow/b-sides-lvbellisroytman/51123603 bsideslvbellisroytman-150731023147-lva1-app6892
Michael Roytman, Data Scientist, Kenna & Ed Bellis, CEO, Kenna (BSidesLV, 2013) While the past isn’t a direct indication of future performance, knowing the past is essential to predicting the future. In security, this requires reviewing large quantities of vulnerability, defect and exploit data to fully understand how attackers are likely to approach their task. This presentation by Kenna CEO Ed Bellis, and Data Scientist Michael Roytman covers vulnerability statistics as it relates to fixing security issues by: Examining the overlapping data generated from 20 of the leading security tools on the market Comparing & contrasting this with the output of multiple breach reports and database Extracting trends that may be important in helping to reduce the number of breaches in the future This is based on research from over 30M vulnerabilities analyzed over the past 12 months, generated across some of the largest corporations in the world. Take a look at this presentation to learn how others are remediating vulnerabilities, how effective their efforts are, and how they could do it a little bit better.]]>
Michael Roytman, Data Scientist, Kenna & Ed Bellis, CEO, Kenna (BSidesLV, 2013) While the past isn’t a direct indication of future performance, knowing the past is essential to predicting the future. In security, this requires reviewing large quantities of vulnerability, defect and exploit data to fully understand how attackers are likely to approach their task. This presentation by Kenna CEO Ed Bellis, and Data Scientist Michael Roytman covers vulnerability statistics as it relates to fixing security issues by: Examining the overlapping data generated from 20 of the leading security tools on the market Comparing & contrasting this with the output of multiple breach reports and database Extracting trends that may be important in helping to reduce the number of breaches in the future This is based on research from over 30M vulnerabilities analyzed over the past 12 months, generated across some of the largest corporations in the world. Take a look at this presentation to learn how others are remediating vulnerabilities, how effective their efforts are, and how they could do it a little bit better.]]> Fri, 31 Jul 2015 02:31:47 GMT /slideshow/b-sides-lvbellisroytman/51123603 Risk_IO@slideshare.net(Risk_IO) Vulnerability & Exploit Trends: A Deep Look Inside the Data Risk_IO Michael Roytman, Data Scientist, Kenna & Ed Bellis, CEO, Kenna (BSidesLV, 2013) While the past isn’t a direct indication of future performance, knowing the past is essential to predicting the future. In security, this requires reviewing large quantities of vulnerability, defect and exploit data to fully understand how attackers are likely to approach their task. This presentation by Kenna CEO Ed Bellis, and Data Scientist Michael Roytman covers vulnerability statistics as it relates to fixing security issues by: Examining the overlapping data generated from 20 of the leading security tools on the market Comparing & contrasting this with the output of multiple breach reports and database Extracting trends that may be important in helping to reduce the number of breaches in the future This is based on research from over 30M vulnerabilities analyzed over the past 12 months, generated across some of the largest corporations in the world. Take a look at this presentation to learn how others are remediating vulnerabilities, how effective their efforts are, and how they could do it a little bit better. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/bsideslvbellisroytman-150731023147-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds" /><br> Michael Roytman, Data Scientist, Kenna & Ed Bellis, CEO, Kenna (BSidesLV, 2013) While the past isn’t a direct indication of future performance, knowing the past is essential to predicting the future. In security, this requires reviewing large quantities of vulnerability, defect and exploit data to fully understand how attackers are likely to approach their task. This presentation by Kenna CEO Ed Bellis, and Data Scientist Michael Roytman covers vulnerability statistics as it relates to fixing security issues by: Examining the overlapping data generated from 20 of the leading security tools on the market Comparing & contrasting this with the output of multiple breach reports and database Extracting trends that may be important in helping to reduce the number of breaches in the future This is based on research from over 30M vulnerabilities analyzed over the past 12 months, generated across some of the largest corporations in the world. Take a look at this presentation to learn how others are remediating vulnerabilities, how effective their efforts are, and how they could do it a little bit better.

Vulnerability & Exploit Trends: A Deep Look Inside the Data from Kenna

]]> 616 6 https://cdn.slidesharecdn.com/ss_thumbnails/bsideslvbellisroytman-150731023147-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Less Is More: Behind the Data at Kenna, by Data Scientist Michael Roytman /slideshow/less-is-more-behind-the-data-at-risk-io-31962318/31962318 lessismorebehindthedataatriskio-140305163645-phpapp01
Using big data and implementing hadoop is a trend that people jump all to quickly to. Instead understanding the run time complexity of one's algorithms, reducing said complexity and managing the process from start to finish in a lean and agile way can yield massive cost savings - or save your organization.]]>
Using big data and implementing hadoop is a trend that people jump all to quickly to. Instead understanding the run time complexity of one's algorithms, reducing said complexity and managing the process from start to finish in a lean and agile way can yield massive cost savings - or save your organization.]]> Wed, 05 Mar 2014 16:36:45 GMT /slideshow/less-is-more-behind-the-data-at-risk-io-31962318/31962318 Risk_IO@slideshare.net(Risk_IO) Less Is More: Behind the Data at Kenna, by Data Scientist Michael Roytman Risk_IO Using big data and implementing hadoop is a trend that people jump all to quickly to. Instead understanding the run time complexity of one's algorithms, reducing said complexity and managing the process from start to finish in a lean and agile way can yield massive cost savings - or save your organization. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/lessismorebehindthedataatriskio-140305163645-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds" /><br> Using big data and implementing hadoop is a trend that people jump all to quickly to. Instead understanding the run time complexity of one's algorithms, reducing said complexity and managing the process from start to finish in a lean and agile way can yield massive cost savings - or save your organization.

Less Is More: Behind the Data at Kenna, by Data Scientist Michael Roytman from Kenna

]]> 569 3 https://cdn.slidesharecdn.com/ss_thumbnails/lessismorebehindthedataatriskio-140305163645-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 https://cdn.slidesharecdn.com/profile-photo-Risk_IO-48x48.jpg?cb=1523516948 Kenna is a software-as-a-service Vulnerability and Risk Intelligence platform that accurately measures risk and prioritizes remediation efforts before an attacker can exploit an organization’s weaknesses. Kenna automates the correlation of vulnerability data, threat data, and 0-day data, analyzing security vulnerabilities against active Internet breaches so that InfoSec teams can prioritize remediations and report on their overall risk posture. For more information, visit kennasecurity.com https://www.kennasecurity.com https://cdn.slidesharecdn.com/ss_thumbnails/sirawebinar2015-150731175416-lva1-app6892-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/understanding-asset-risk-via-vulnerability-prioritization/51150064 Understanding Asset Ri... https://cdn.slidesharecdn.com/ss_thumbnails/sourceboston2015-150731170207-lva1-app6891-thumbnail.jpg?width=320&height=320&fit=bounds Risk_IO/who-watches-the-watchers-se Who Watches the Watche... https://cdn.slidesharecdn.com/ss_thumbnails/bsideslvbellisroytman-150731023147-lva1-app6892-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/b-sides-lvbellisroytman/51123603 Vulnerability & Exploi...