Despite leaps and bounds in cybersecurity technologies and capabilities, the number and severity of breaches have continued apace as if nothing has changed. As might be expected, adequate insurance is costly and difficult to obtain in this adversarial environment[i]. Around two-thirds of members of boards of directors lack confidence in
Read More
From the developer’s desk, Erik Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the seventh installment. I realized I’ve gotten a bit ahead of myself and neglected to explain a central piece of our software: the business
Read More
From the Developer’s Desk, by Eric Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the sixth installment. We’ve recently been focused mainly on the offensive side of cybersecurity—how an attacker causes a breach. Now let’s switch gears
Read More
From the Developer’s Desk, by Erik Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the fifth installment. Last week we discussed attacks on the user community in the context of vulnerability chaining. This week we will look
Read More
I really enjoyed Charlotte Henry’s article, “Is threat intelligence being devalued by an information overload?” in the Computer Business Review (read article). The central point of the piece is that it is likely that companies feel safer by raising large number of alerts, many of which are false positives,
Read More
From The Developers Desk, By Erik Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the fourth installment. Last week we briefly glossed over the idea that an attacker may have to chain together multiple vulnerabilities in order
Read More
From the Developers Desk, by Erik Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the third installment. The past two weeks we’ve talked about vulnerabilities and attacks. When these come together, the result is a breach.
Read More
From the Founders Desk, Roderick Flores Previously, I discussed how it is feasible to create a regular and timely threat forecast. However, it is only the first step in developing a proper risk management strategy. You must place threat forecasts into context by which I mean that for a bad
Read More
From the Developer’s Desk, by Erik Anderson. Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the second installment. Last week we discussed our vulnerability model; on the other side of that coin are the attacks. In our system
Read More
From the developer’s desk, Erik Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the first installment. The average end user has a rather simplistic view of a software vulnerability: they receive a notification telling them to update
Read More