contact us see demo
Learn about RiskSense Products

Take me back to RiskSense.com
Nida Stewart - Apr 9, 2018

RiskSense's Red Team 2017 Accomplishments - In Retrospect

Read More
Srinivas Mukkamala, CEO of RiskSense, Inc. and cyber risk expert, discusses a data-driven approach to cyber threat management. He explains how AI can be used to assess and prioritize vulnerabilities based on their actual exploitability, risk impact and the IT environment. Further, he details the success factors for implementing AI-driven risk prioritization - including the need for reliable data and the role of weaponization analysis to isolate threats that require immediate remediation.
Read More
Last year, an unpatched Apache Struts vulnerability was the foundation of a significant data breach that forced Apache Struts into the spotlight. We presented our findings and observations on vulnerability weaponization and related exploit patterns for Apache Struts vulnerabilities in our Apache Struts Spotlight Report, which is provided in this blog post.
Read More
Last year, Microsoft released security bulletin MS17-010 describing several remote code execution vulnerabilities present on virtually every version of Windows. Although a patch was released for MS17-010, many organizations continue to ignore applying patches for these critical vulnerabilities. In this blog, Sean Dillon discusses RiskSense's research on MS17-010 last year, a new exploit module RiskSense added to Metasploit this week, and additional mitigations and systems hardening that can be implemented outside of just applying the MS17-010 patch.
Read More
The successes of machine learning and artificial intelligence has spurred excitement and innovation in many fields, including the cyber security field. While everyone wants to capitalize on this success, Ben Mixon-Baca talks about concerns regarding the quality and quantity of data and how ninety-nine percent accuracy may not be as accurate as you may think.
Read More
Weaponization is constructing an exploit for a vulnerability. In this blog post, we will discuss what key elements are involved, the different weaponization state types, and lessons organizations can learn from weaponization patterns.
Read More
Security researchers have just discovered two attacks that affect most CPUs manufactured in the last twenty years. These attacks use techniques only discovered in the past year to traverse one of the basic security boundaries protecting computer processes: virtual memory. This post contains information to let you assess the impact on your organization and ensure you are protected.
Read More
Many organizations use the National Vulnerability Database (NVD) to determine what actions to take regarding their cyber security. While this information is useful, the method that it is presented in tells organizations very little. What vulnerabilities are most important for organizations to patch? The RiskSense Platform takes information from the NVD and assists organizations in determining what vulnerabilities will impact them the most.
Read More
Pamela Chang - Dec 28, 2017
RiskSense specializes in presenting cyber risk for its clients through insightful visualization and analysis techniques. In this blog post, we present our unique multi-fold approach that combines user interface with engineering to address the complexity of visualizing cyber risk across multiple organizational business groups using a distributed bubble chart. The bubble chart visualization helps our end users to quickly identify the high-risk groups within their organizations, while retaining the holistic picture of their cyber risk posture.
Read More
Although your website may be secure, untrusted third-party widgets or applications installed on your website could expose visitors to suspicious programs. This article shows how installing a simple weather widget on your website could transform your site into a cryptocurrency miner.
Read More


Reveal Cyber Risk Across a Growing Attack Surface




contact us at +1 505.217.9422

  • follow us
© 2017 RiskSense, Inc. All rights reserved. Use of this website assumes acceptance of Legal Notices, Privacy Policy, Service Level Agreement and Acceptable Use Policy.