Hi [[ session.user.profile.firstName ]]

3 Ways to Make Better Decisions When Managing Cyber Risk

Security teams need to make better, faster, data-driven decisions. They are in a constant struggle to outpace their adversaries who are sophisticated and often well-funded.

Jerry Gamblin has spent almost 20 years fighting cyberthreats at corporations and government agencies, and he’ll be joining us to discuss how to make the best possible decisions in managing cyber risk.

Join our next webinar: 3 Ways to Make Better Decisions When Managing Cyber Risk on Wednesday, November 14th at 10am PT. Jerry Gamblin, Principal Security Engineer at Kenna Security, and Jeff Aboud, Director of Product Marketing at Kenna Security, will have an informal discussion on:

· Peer Benchmarking and how security leaders can use industry benchmarks to make more informed, data-driven decisions
· Application Risk Scoring and its role in delivering more precise application risk metrics throughout the development lifecycle
· At-a-Glance Visibility and how a centralized dashboard can enable security teams to quickly assess, prioritize, and close vulnerabilities
Recorded Nov 14 2018 44 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jerry Gamblin, Principal Security Engineer, Kenna Security; Jeff Aboud, Director of Product Marketing, Kenna Security
Presentation preview: 3 Ways to Make Better Decisions When Managing Cyber Risk

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Get More From Application Vulnerability Correlation Nov 7 2019 7:00 pm UTC 60 mins
    John Alexander, Sr Product Marketing Manager, Kenna Security
    The increasing importance of AppSec in the Software Development Life Cycle (SDLC) has led to the emergence of a variety of application vulnerability detection methodologies like Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA), as well as bug bounty and penetration testing programs. But with this abundance of different tools, each with their own unique set of pros and cons comes the challenge of bringing all of this disparate information together so that effective and efficient risk prioritization decisions can be made.

    This problem did not go unnoticed by the security industry, a market segment that Gartner calls Application Vulnerability Correlation (AVC) rapidly emerged and security vendors rushed to fill in the gap.

    On their own AVC products and software, as a consolidated source of vulnerability data, provide tremendous value due to their central position in AppSec. Vendors have quickly realized this and this webinar will explain what AVC is, detail AVC best practices and explore the additional value that can be harnessed by AVC due to its unique position as a centralized repository of AppSec vulnerability information, features like: vulnerability prioritization, remediation system support, reporting, and flexible APIs.
  • The Death Of DevSecOps Recorded: Oct 3 2019 32 mins
    Jerry Gamblin, Principal Security Engineer, Kenna Security
    “It is with our deepest sorrow that we inform you of the death of our beloved budget line and one of our favorite buzzwords, DevSecOps. A small community memorial service will be held at RiRi’s Irish Pub following this talk. DevSecOps is survived by a strong and independent development shop closely aligned with business goals that DevSecOps attempted but never managed to fully understand.”

    While the above is obviously hyperbole it is not far from what is actually happening in many development shops.

    Security groups were invited late to the DevOps movement, and more and more security teams are once again being excluded from these groups. In this webinar, Kenna Principal Security Engineer Jerry Gamblin will discuss why this is happening and what can be done to stop this trend moving forward by better aligning security goals with the business goals.

    Join Jerry to discover:
    - Why DevSecOps dies when security is a constant foil, fails to understand the business, and doesn’t have traction within the rest of the organization
    - How to save DevSecOps by knowing and aligning security with the organization’s goals and concerns, such as profit generation and risk tolerance
    - Whether DevSecOps is worth saving and what a world without DevSecOps might look like
  • Solving the Cybersecurity Workforce Shortage With Machine Learning Recorded: Sep 12 2019 43 mins
    Michael Roytman, Chief Data Scientist, Kenna Security
    The workforce shortage in cybersecurity is forcing organizations to find new ways to get more out of their limited resources. In this webinar, we posit that automating operations with machine learning is the only way to get more efficiency and output from your existing team, giving them time back for more strategic work. What questions machine learning can solve, how to measure the effects, and how to make sure your most precious resources (people) are working on what matters is essential. The webinar will cover:

    - Why automation and machine learning are the solution to the workforce shortage
    - Pointers on those places where you really shouldn’t automate
    - How you can make every member of your team more efficient
    - Which metrics matter most when designing machine learning systems

    Give your team back their time. Automating with machine learning is the solution.
  • Distinguishing Common Practices from Best Practices in Vulnerability Management Recorded: Aug 13 2019 57 mins
    Ed Bellis, CTO and Co-Founder of Kenna Security; Ben Edwards Ph.D., of the Cyentia Institute
    Ask ten different security professionals how to do vulnerability management, and you’ll likely get ten different answers. But if you ask several hundred, you start to see a trend: some organizations stand out from all the others. They’re not just closing vulns, they’re lowering risk. These are the top performers in vulnerability management. So what is it, exactly, that they do differently?

    In the fourth volume of our “Prioritization to Prediction” research, Kenna Security and our research partner, the Cyentia Institute, provide the answers. Join Cyentia’s Ben Edwards Ph.D., and Kenna’s Ed Bellis for this insightful webinar where they’ll share the key contributing factors of top performing vulnerability management teams drawn from analyzing real-world data from hundreds of organizations.
  • Exploring the Most Exploited Vulnerabilities of 2019 (So Far) Recorded: Jul 16 2019 47 mins
    Jonathan Cran, Kenna Security Head of Research
    Using a data-first approach, we'll reveal which vulnerabilities are being exploited in the wild in 2019—digging into the trends behind them and providing insight for security practitioners.

    In this webinar, Kenna Security Head of Research Jonathan Cran will:
    • Dig into the current threat landscape with a focus on exploited vulnerabilities
    • Explore why these vulnerabilities are useful to attackers and look for trends
    • Showcase how Kenna's risk and prediction model helps you get ahead of these threats
  • Take a Risk-Based Approach to Vulnerability Management Recorded: Jun 11 2019 44 mins
    Jeff Aboud, Kenna Security Director of Product Marketing
    The average enterprise has millions of vulnerabilities, with dozens of new ones discovered each day. With so much data coming in so fast, how can you gain an upper hand? Since only a relatively small number of vulnerabilities will ever be exploited, you need to understand how to prioritize which ones to fix first based on the level of risk they pose to your enterprise. Learn how in this webinar, where we’ll cover:

    ·How prioritizing vulnerabilities based on risk saves time and improves results
    ·The requirements for effective risk-based vulnerability management
    ·Insights and approaches to help you take control of your risk posture
    ·How using a predictive model for vulnerability management can help you maximize your efficiency
    ·And much more!

    By taking a risk-based approach to vulnerability management, you can focus your limited resources on the vulnerabilities that matter most, to reduce the most risk throughout your enterprise.
  • Successful Application Security Strategies Recorded: May 8 2019 56 mins
    Jonathan Cran, Head of Research at Kenna Security; Tyler Shields, VP of Strategy and Business Development, Sonatype
    As enterprises deepen their investment in public cloud and digital transformation, the rate of sensitive data flowing through their organizations continues to accelerate. This has left application security teams with many visibility and process challenges.

    Join industry veterans and application security experts Jonathan Cran, Head of Research at Kenna Security, and Tyler Shields, Vice President of Strategy and Business Development at Sonatype—as they provide insight into successful application security strategies, and tips that the best programs can use to get ahead.

    This lively discussion will cover:

    - The role of open source in modern product development
    - Novel threats to enterprises involving open source
    - How SecOps and DevOps differ when it comes to security visibility needs
    - How Software Composition Analysis (SCA) fits into modern AppSec programs
    - Novel techniques and tools that can be used to get ahead of the challenge
    - And much more!
  • Understanding Why Vulnerabilities Are Exploited Recorded: Apr 11 2019 54 mins
    Jay Jacobs, Data Scientist, Cyentia Institute; Michael Roytman, Chief Data Scientist, Kenna Security
    Why are some vulnerabilities exploited when so many aren’t? What are the characteristics of a vulnerability that make it more likely to be exploited than another?

    Join Michael Roytman, Chief Data Scientist at Kenna Security, and Jay Jacobs, Data Scientist from the Cyentia Institute, as they uncover the causes of vulnerability exploits.

    Listen in as they continue their discussion from RSA on vulnerabilities, and their conclusions from an in-depth review of many different data sources including tens of thousands of vulnerabilities, CVSS scores, CVE, NVD, and mailing lists and data feeds.
  • RSA Follow-Up: Applied Prediction to Get Proactive About Security Recorded: Mar 7 2019 35 mins
    Ed Bellis, CTO and Co-Founder of Kenna Security; Wade Baker, Partner and Co-Founder of the Cyentia Institute
    We can predict the weather, but we still lack the necessary foresight into the cyber-attacks heading our way. And that can often put us in a place where we’re reacting to a threat after it has occurred.

    So, how do you know if your company is a target? What data do you need to understand to help keep your company secure? And how can your company data, threat models and industry data help evaluate risk?

    Join Ed Bellis, CTO and Co-Founder of Kenna Security, and and Wade Baker, Partner and Co-Founder of the Cyentia Institute as they continue their discussion from RSA on:
    - key findings from their research on vulnerability management strategies
    - improvement practitioners can implement into their own security programs
    - the practical applications of new predictive models

    Presented by
    Ed Bellis, CTO and Co-Founder of Kenna Security
    Wade Baker, Partner and Co-Founder of the Cyentia Institute
  • Why All These Vulnerabilities Rarely Matter Recorded: Feb 5 2019 58 mins
    Jeremiah Grossman, CEO of application security firm Bit Discovery; Jonathan Cran, Head of Research at Kenna Security
    Application security is an increasingly important, yet commonly misunderstood, IT topic.

    While security professionals agree that remediating application vulnerabilities is essential to maximizing the organization’s security posture, there is little agreement on how to effectively prioritize which vulnerabilities to remediate first. With a wide range of application security tools such as SAST, DAST, and RASP, which provide the most useful data? 

    Join Jeremiah Grossman, CEO of application security firm Bit Discovery, and Jonathan Cran, Head of Research at Kenna Security, as they draw on their 35+ years of combined experience to discuss:

    - The relative value of the various application security tools in the market
    - Their insights on how best to built a modern application security program
    - How to focus on the relatively few application vulnerabilities that pose the most risk
    - How to avoid the 'noise' from the majority that don't require the attention of your limited resources

    Register now.
  • Cybersecurity Trends for 2019 Recorded: Dec 12 2018 49 mins
    Jonathan Cran, Head of Research and Jeff Aboud, Director of Product Marketing, Kenna Security
    Every year the cyber threat landscape is different than the year before as new technologies replace the old and new means of digital disruption replace those that came before.

    2018 was anything but quiet with an uptick in cyber activity from major geopolitical actors, and vulnerabilities and techniques weaponized faster than ever. Despite fewer reported breaches in 2018, the cyber landscape continued to evolve rapidly.

    Join us for our next webinar: A Retrospective on Cybersecurity in 2018 and Trends to Watch in 2019; Kenna Security’s Jonathan Cran, Head of Research, and Jeff Aboud, Director of Product Marketing will dissect key data points to chart a path for how we must approach security challenges in 2019, as well as:

    - Major threat trends in 2018
    - Cybersecurity hype and lessons learned
    - Predictions for the next wave of cybersecurity challenges in 2019

    Take control of cyberthreats in 2019. Register now.
  • 3 Ways to Make Better Decisions When Managing Cyber Risk Recorded: Nov 14 2018 44 mins
    Jerry Gamblin, Principal Security Engineer, Kenna Security; Jeff Aboud, Director of Product Marketing, Kenna Security
    Security teams need to make better, faster, data-driven decisions. They are in a constant struggle to outpace their adversaries who are sophisticated and often well-funded.

    Jerry Gamblin has spent almost 20 years fighting cyberthreats at corporations and government agencies, and he’ll be joining us to discuss how to make the best possible decisions in managing cyber risk.

    Join our next webinar: 3 Ways to Make Better Decisions When Managing Cyber Risk on Wednesday, November 14th at 10am PT. Jerry Gamblin, Principal Security Engineer at Kenna Security, and Jeff Aboud, Director of Product Marketing at Kenna Security, will have an informal discussion on:

    · Peer Benchmarking and how security leaders can use industry benchmarks to make more informed, data-driven decisions
    · Application Risk Scoring and its role in delivering more precise application risk metrics throughout the development lifecycle
    · At-a-Glance Visibility and how a centralized dashboard can enable security teams to quickly assess, prioritize, and close vulnerabilities
  • Proactive Security Management: Stop Treating the Symptoms Recorded: Oct 23 2018 49 mins
    Jeff Aboud, Director of Product Marketing at Kenna Security
    Does your security team spend most of their time and energy reacting to attacks already in progress?

    If you’re like many security teams, the answer to that question is, sadly, yes. It’s time to approach security in a whole new way. Rather than treating the symptoms, learn to proactively remediate the root of the problem—and even get ahead by automating ahead of the threat.

    Join us for our next webinar, “Proactive Security Management: Stop Treating the Symptoms,” on Tuesday, October 23, 2018 at 8:00am PT. Kenna Security’s Director of Product Marketing Jeff Aboud will walk us through why and how to go beyond just reacting to cyberthreats.

    In this webinar you’ll learn how to:
    Understand the Problem
    Shift Your Focus
    Work Smarter Not Harder
    Predict the Future

    Get ahead of cyberthreats. Register now.
  • Kenna Platform Demo: A Better Way to Report on Risk Recorded: Sep 27 2018 33 mins
    Ed Bellis, CTO of Kenna Security
    Kenna Security Platform Demo
  • Welcome to Next-Gen Vulnerability Management Webinar | Kenna Security Recorded: Sep 13 2018 55 mins
    Jonathan Cran, Head of Research at Kenna Security, and Rik Turner, Principal Analyst at Ovum
    To say that technology advances quickly is an understatement. With that growth has come a rapid increase in the sheer number of vulnerabilities threatening the security and well-being of organizations of every size and industry.

    No one is immune to cyber threats, but when you lack the context required to prioritize what to remediate first, and it's impossible to remediate every single vulnerability, how do you even know where to start?

    It’s time to get ahead of the cyber curve.

    Join Jonathan Cran, Head of Research at Kenna Security, and Rik Turner, Principal Analyst at Ovum, for our next webinar: Welcome to Next-Gen Vulnerability Management on Thursday, September 13 at 8:00am PT. We’ll cover:

    - The pitfalls of traditional remediation approaches in an ever-evolving digital world
    - A comparison of those approaches against a cutting-edge predictive model
    - The role of AI and machine learning in reducing risk
    - How prioritization and prediction can increase your security team’s efficiency and effectiveness

    Welcome to the next generation of vulnerability management. Register now.
  • Stop Playing Catch-Up on Risk: How To Prioritize and Address App Vulnerabilities Recorded: Aug 21 2018 35 mins
    Ed Bellis, CTO of Kenna Security
    Finding and prioritizing application vulnerabilities is an extremely time-consuming, manual process, and it’s one that is rarely undertaken comprehensively. It’s not that application security teams don’t know where risk lies—they do. Many simply lack the time, resources, or context to address those which pose the greatest risk.

    The result? Oftentimes, the wrong vulnerabilities are fixed while the more dangerous ones are left unaddressed, forcing your team into reaction mode after the damage is already done.

    Join us for our next webinar: “Stop Playing Catch-Up on Risk: How To Prioritize Application Vulnerabilities,” powered by the Kenna Application Risk Module.

    In this webinar, you’ll learn:

    - The challenges in identifying vulnerabilities at the application layer
    - The requirements to better manage application risk
    - What application security teams can do to improve their risk posture
    - How the Kenna Application Risk Module can help you proactively manage your application risk

    Enable security and DevOps teams, developers, and executives to team up to proactively remediate application risk. Join us and see the Kenna Security Application Risk Module in action to learn how you can take a risk-based approach to application security.
  • From Prioritization to Prediction-Analyzing Vulnerability Remediation Strategies Recorded: Aug 14 2018 51 mins
    Wade Baker & Jay Jacobs Co-Founders & Partners, Cyentia Institute & Jonathan Cran, Head of Research, Kenna Security
    With an average of 40 new vulnerabilities emerging every single day, to say that staying ahead of the latest threats is a challenge is an understatement.

    Today, organizations are generating an unprecedented amount of data, and with that data, comes thousands, if not millions, of vulnerabilities. Unfortunately, it’s simply impossible for any organization to remediate every single one and ensure 100% coverage of its attack surface.

    But that’s where the capability to predict exploits comes into play..

    Join us and the Cyentia Institute for our next webinar: From Prioritization to Prediction: Analyzing Vulnerability Remediation Strategies. Fueled by the first-of-its kind research findings from Kenna Security and the Cyentia Institute, we’ll cover:

    - The quantitative effectiveness between common remediation strategies and a cutting-edge predictive model
    - A detailed review of the data sources available for building or improving decision models for vulnerability remediation
    - A discussion of the vulnerability lifecycle and examination of the timelines and triggers surrounding key milestones
    - Identification of the attributes of vulnerabilities that correlate with exploitation

    Deliver efficiency in your people, tools, time, and dollars to address the threats that pose the greatest risk. Register now.
  • Close the Gaps: Managing, Prioritizing, and Addressing Cyber Risk in Enterprises Recorded: Jul 31 2018 47 mins
    Jon Oltsik, Sr Principal Analyst at ESG & Karim Toubba, CEO of Kenna Security
    Cyber risk management is no easy task. Why? Because while security teams may know about these vulnerabilities, they often lack the right amount of context to determine which vulnerabilities pose the greatest risk to the organization. Without this, the security team can’t appropriately prioritize which vulnerabilities should be remediated first.

    Join Kenna Security for our next webinar - “Close the Gaps: Managing, Prioritizing, and Addressing Cyber Risk in Enterprise Organizations,” with Jon Oltsik, senior principal analyst at ESG and Karim Toubba, CEO of Kenna Security.

    In this webinar, we’ll cover:

    - Findings from the July 2017 ESG Research Report, Cybersecurity Analytics and Operations in Transition
    - The challenges facing leadership teams in traditional methods of vulnerability management
    - Why more security data doesn’t always lead to better decisions
    - How the Kenna Security Platform can enable you take a risk-based approach to vulnerability management and help teams work cross-functionally to prioritize and mitigate cyber risk

    Discover the next wave of risk-based reporting and gain operational efficiency to maximize return on your risk mitigation efforts.
  • Applying Data Science to Measure Your True Risk Recorded: Jul 19 2018 47 mins
    Michael Roytman, Chief Data Scientist at Kenna Security
    There’s a difference between threat data and threat intelligence, and while the former may give you a better understanding of malicious data sources, IPs, websites, and domains, what it fails to do is give you and your security team the context to remediate a threat. When CVEs are responsible for tens of millions of attacks, simply having threat data won’t cut it.

    When it comes to cybersecurity, knowledge is power. And as cyber criminals gain more sophisticated tactics, protecting yourself requires a more intelligent approach.
  • How a Cybersecurity Executive Deals with Application Risk Recorded: May 16 2018 33 mins
    Joe Silva, Vice President of Cybersecurity for TransUnion
    Join Kenna Security for a discussion on how cybersecurity executives can benefit from taking a risk-based approach to application security – from aligning your teams around common goals to reduce the most risk, to metrics-based reporting to the board. Joe Silva, Vice President of Cybersecurity for TransUnion will provide real-world examples to explain how to overcome the unique challenges to application security to help you gain control over your application risk posture.

    Joe encounters the same challenges that plague you – application security testing data with limited coverage of the application attack surface or riddled with false positives; manual application analysis that simply can’t scale; and security teams that know there is risk, but simply don’t have the time, expertise, or context to find and remediate the relatively small percentage that are high-risk. He also understands what it’s like to have a security team that must convince developers to deviate from their primary responsibility to remediate the vulnerabilities.
Know Your Risk
Kenna is a pioneer and leader of a new category of IT security solutions that allows security and IT teams to efficiently focus on the vulnerabilities posing the greatest risk to their IT environments. We’ve experienced firsthand just how frustrating and challenging security can be – the struggles with being unable to keep up with the volume of scan data, having to settle for inadequate security due to budget constraints, picking a remediation list at random (and hoping for the best), and being unable to measure and report on your team's efforts to reduce your exposure to risk.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 3 Ways to Make Better Decisions When Managing Cyber Risk
  • Live at: Nov 14 2018 6:00 pm
  • Presented by: Jerry Gamblin, Principal Security Engineer, Kenna Security; Jeff Aboud, Director of Product Marketing, Kenna Security
  • From:
Your email has been sent.
or close