Blog

Jeff Hill
November 11, 2019

I got a chance to watch Dave Chappelle’s latest comedy special this weekend, and among the hour-long show’s bits was one that ridiculed Nancy Reagan’s 1980’s advice for drug addiction:  “Just Say No.” The First Lady’s bumper-sticker prescription to a massive public health and crime epidemic completely trivialized the complexity…

Jeff Hill
October 14, 2019

Contextual Prioritization in Vulnerability Management Imagine a healthcare system in which physicians treated all patients without regard to their individual circumstances.  Heart disease, for example, is a recognized, widespread threat to the health of a large slice of the American population.  It’s dangerous and prevalent. In this imagined world, all…

Eric Boivin
October 9, 2019

Visualizing your entire vulnerability management inventory, at a glance Having an accurate, current  asset inventory is essential to effective vulnerability management. It may sound obvious, but knowing what assets exist in your organization is the first line of defense in cybersecurity, and not necessarily trivial to accomplish. With Delve and…

Louis-Philippe Huberdeau
October 1, 2019

Inadvertently exposed files are the epitome of a classic aphorism:  never attribute to malice that which is adequately explained by stupidity. What are Exposed Files? The quote, known widely as Hanlon’s Razor, can be applied to myriad circumstances, but at times, it seems like it was written specifically for the…

Jeff Hill
October 1, 2019

Vulnerability Management and WWII Aircraft Professor Anderson, a legend in the Aerospace Engineering Department at the University of Maryland, was one of the best professors I ever had.  He just loved Aerospace Engineering, and especially its history.  At the end of each technical chapter in the textbook he wrote (and…

Eric Boivin
September 14, 2019

In cybersecurity, not all vulnerabilities are created equal. This is why prioritization is essential to know which ones really matter for your organization. In this blog post, I’ll present a new feature that we’ve added in the Delve platform to better understand where a vulnerability stands in an ecosystem. When…

Norman Menz
September 13, 2019

At one of my first jobs in the late 90s, one of my co-workers, a former mechanic and clearly good with cars, purchased an old manual for his used Datsun – pretty sure it was a Datsun, but don’t hold me to that – as he was planning a weekend…

Serge-Olivier Paquette
September 12, 2019

This is part 3 in our series on contextual predictive prioritization. In part 1 we presented the overwhelming problem of vulnerability prioritization and in part 2 we presented our solution, contextual analysis, using hands-on examples of real vulnerabilities. This final article will showcase how machine learning actually enables prioritization at scale and across organizations,…

Norman Menz
September 11, 2019

I’ve never much cared for the phrase “data-driven decision.”  It’s not that I endorse gut-level decision-making or shooting from the hip, but rather I take exception to the word “data” in this context.  In short, I think data is overrated. SIEMs can produce millions of logs in a day, but…