At one of my first jobs in the late 90s, one of my co-workers, a former mechanic and clearly good with cars, purchased an old manual for his used Datsun – pretty sure it was a Datsun, but don’t hold me to that – as he was planning a weekend…
This is part 3 in our series on contextual predictive prioritization. In part 1 we presented the overwhelming problem of vulnerability prioritization and in part 2 we presented our solution, contextual analysis, using hands-on examples of real vulnerabilities. This final article will showcase how machine learning actually enables prioritization at scale and across organizations,…
I’ve never much cared for the phrase “data-driven decision.” It’s not that I endorse gut-level decision-making or shooting from the hip, but rather I take exception to the word “data” in this context. In short, I think data is overrated. SIEMs can produce millions of logs in a day, but…
We always come from somewhere Almost no idea arises from a complete void. The idea of a genius thinker that possesses ideas that no one has is to startup world what unicorns are to biology: a fairy tale. Delve is certainly no exception to this reality. Before Delve had these…
In our previous blog post, we discussed the vulnerability management industry’s crippling problems. It’s inability to prioritize by context and it’s stubborn focus on chasing hype and predicting (mostly) irrelevant and naive vulnerability metrics, in otherwise very impressive dashboards. We then presented our general strategy for solving this problem. We…
This series of blog articles will explain in various detail our perspective with regards to vulnerability management and prioritization. This post presents our dissatisfaction with the current state of the industry and our proposed solution. In part 2, we will discuss in more depth some specific implementation details that clearly differentiate…
Anonymity at scale This article is the 3rd in a series on data anonymization. Remember that the purpose of data anonymization is to protect the privacy of an entity in a dataset while allowing the extraction of useful statistical information from the complete set. One of the main arguments of…
Disclaimer: The following article’s example is artificially constructed to illustrate the purpose of the research and while remaining relevant, does not directly represent the methods used for Delve Labs customer data handling. How to protect your meaningful data in a provably secure way In the first article of this series…
How security researchers can gain (probable) insights on (almost) anonymous data. At Delve Labs, our main concern is to provide our customers with better tools, helping them understand their information security posture. Therefore, we require insight into many intricate and sensitive details of their IT environment. We need the ability…