contact us see demo
Learn about RiskSense Products
Take me back to RiskSense.com
Learn about RiskSense Products

Take me back to RiskSense.com
Nida Stewart - Apr 9, 2018

RiskSense's Red Team 2017 Accomplishments - In Retrospect

Read More
Data-Driven Prioritization: The Role of AI in Vulnerability and Threat Management
Srinivas Mukkamala - Apr 6, 2018
Srinivas Mukkamala, CEO of RiskSense, Inc. and cyber risk expert, discusses a data-driven approach to cyber threat management. He explains how AI can be used to assess and prioritize vulnerabilities based on their actual exploitability, risk impact and the IT environment. Further, he details the success factors for implementing AI-driven risk prioritization - including the need for reliable data and the role of weaponization analysis to isolate threats that require immediate remediation.
Read More
RiskSense's Apache Struts Report: How Do These Vulnerabilities Affect Your Organization?
Nida Stewart - Mar 16, 2018
Last year, an unpatched Apache Struts vulnerability was the foundation of a significant data breach that forced Apache Struts into the spotlight. We presented our findings and observations on vulnerability weaponization and related exploit patterns for Apache Struts vulnerabilities in our Apache Struts Spotlight Report, which is provided in this blog post.
Read More
New Year, Same Old Exploits: RiskSense Adds More MS17-010 Modules to Metasploit
Sean Dillon - Feb 7, 2018
Last year, Microsoft released security bulletin MS17-010 describing several remote code execution vulnerabilities present on virtually every version of Windows. Although a patch was released for MS17-010, many organizations continue to ignore applying patches for these critical vulnerabilities. In this blog, Sean Dillon discusses RiskSense's research on MS17-010 last year, a new exploit module RiskSense added to Metasploit this week, and additional mitigations and systems hardening that can be implemented outside of just applying the MS17-010 patch.
Read More
I've Got 99 Cyber Security Problems and Accuracy is One
Ben Mixon-Baca - Feb 3, 2018
The successes of machine learning and artificial intelligence has spurred excitement and innovation in many fields, including the cyber security field. While everyone wants to capitalize on this success, Ben Mixon-Baca talks about concerns regarding the quality and quantity of data and how ninety-nine percent accuracy may not be as accurate as you may think.
Read More
From Vulnerability to Exploit: Understanding Weaponization
Nida Stewart - Jan 12, 2018
Weaponization is constructing an exploit for a vulnerability. In this blog post, we will discuss what key elements are involved, the different weaponization state types, and lessons organizations can learn from weaponization patterns.
Read More
The Kernel Page Tables Have Turned: Newly Discovered Hardware Vulnerability in Most CPUs: Spectre and Meltdown
Zach Harding - Jan 5, 2018
Security researchers have just discovered two attacks that affect most CPUs manufactured in the last twenty years. These attacks use techniques only discovered in the past year to traverse one of the basic security boundaries protecting computer processes: virtual memory. This post contains information to let you assess the impact on your organization and ensure you are protected.
Read More
The Details and the Dilemmas that the National Vulnerability Database Poses to Organizations
Nida Stewart - Dec 28, 2017
Many organizations use the National Vulnerability Database (NVD) to determine what actions to take regarding their cyber security. While this information is useful, the method that it is presented in tells organizations very little. What vulnerabilities are most important for organizations to patch? The RiskSense Platform takes information from the NVD and assists organizations in determining what vulnerabilities will impact them the most.
Read More
Visualizing Multi-Client Risk
Pamela Chang - Dec 28, 2017
RiskSense specializes in presenting cyber risk for its clients through insightful visualization and analysis techniques. In this blog post, we present our unique multi-fold approach that combines user interface with engineering to address the complexity of visualizing cyber risk across multiple organizational business groups using a distributed bubble chart. The bubble chart visualization helps our end users to quickly identify the high-risk groups within their organizations, while retaining the holistic picture of their cyber risk posture.
Read More
What Dangers are Hiding in Your Website's Third-Party Widgets?
Nate Caroe - Dec 28, 2017
Although your website may be secure, untrusted third-party widgets or applications installed on your website could expose visitors to suspicious programs. This article shows how installing a simple weather widget on your website could transform your site into a cryptocurrency miner.
Read More

Most Read Blogs
Featured Authors
RiskSense Careers
Interested in working for RiskSense? See our available job postings now!
VIEW NOW

Reveal Cyber Risk Across a Growing Attack Surface

request a demo now



contact us at +1 505.217.9422

  • follow us
© 2017 RiskSense, Inc. All rights reserved. Use of this website assumes acceptance of Legal Notices, Privacy Policy, Service Level Agreement and Acceptable Use Policy.