Cisco to acquire Kenna Security to help customers improve their security posture

Kenna’s risk-based vulnerability management technology enables organizations to work cross-functionally to rapidly identify, prioritize and remediate cyber risks. With this acquisition, Cisco will transform the way security and IT teams collaborate to reduce the attack surface and the time it takes to detect and respond. The ability to prioritize vulnerabilities based on threat intelligence and […]

Continue Reading

When exploit code precedes a patch, attackers gain a massive head start

Cybersecurity researchers that publicize exploit code used in cyberattacks are giving a clear and unequivocal advantage to attackers, new research conducted by Kenna Security and Cyentia Institute has found. “This data-driven research, built over the course of several years, should remove any doubt,” said Ed Bellis, CTO of Kenna Security. “Practices that have long been […]

Continue Reading

Risk-based vulnerability management has produced demonstrable results

Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: risk-based cybersecurity produces proven results. The data shows that risk-based vulnerability management (RBVM) programs allow companies to get measurably better results with less work. Extrapolating from there, it’s possible to […]

Continue Reading

Having a cybersecurity training program in place isn’t enough to ensure cyber safety

With cyberattacks increasing dramatically after the pandemic, TalentLMS and Kenna Security teamed up to gauge employees’ awareness and knowledge of cybersecurity risks. While 59% of employees received cybersecurity training from their companies in response to the COVID-19 outbreak, the survey uncovered that these initiatives have been insufficient. The survey of 1,200 U.S. employees finds that […]

Continue Reading

The effectiveness of vulnerability disclosure and exploit development

New research into what happens after a new software vulnerability is discovered provides an unprecedented window into the outcomes and effectiveness of responsible vulnerability disclosure and exploit development. The analysis of 473 publicly exploited vulnerabilities challenges long-held assumptions of the security space – namely, disclosure of exploits before a patch is available does not create […]

Continue Reading