The problem that must be solved

Despite leaps and bounds in cybersecurity technologies and capabilities, the number and severity of breaches have continued apace as if nothing has changed. As might be expected, adequate insurance is costly and difficult to obtain in this adversarial environment[i]. Around two-thirds of members of boards of directors lack confidence in

Read More

Modeling Reality: A Business Operation

From the developer’s desk, Erik Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the seventh installment. I realized I’ve gotten a bit ahead of myself and neglected to explain a central piece of our software: the business

Read More

Modeling Reality: The Great Wall of Fire

From the Developer’s Desk, by Eric Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the sixth installment. We’ve recently been focused mainly on the offensive side of cybersecurity—how an attacker causes a breach. Now let’s switch gears

Read More

Modeling Reality: User Error

From the Developer’s Desk, by Erik Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the fifth installment. Last week we discussed attacks on the user community in the context of vulnerability chaining. This week we will look

Read More

Threat Intelligence: Quality versus Quantitiy

  I really enjoyed Charlotte Henry’s article, “Is threat intelligence being devalued by an information overload?” in the Computer Business Review (read article). The central point of the piece is that it is likely that companies feel safer by raising large number of alerts, many of which are false positives,

Read More

Modeling Reality: Vulnerability Chaining

From The Developers Desk, By Erik Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the fourth installment. Last week we briefly glossed over the idea that an attacker may have to chain together multiple vulnerabilities in order

Read More

Modeling Reality: In to the Breach

From the Developers Desk, by Erik Anderson   Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the third installment. The past two weeks we’ve talked about vulnerabilities and attacks. When these come together, the result is a breach.

Read More

Risk Management for Cybersecurity

From the Founders Desk, Roderick Flores Previously, I discussed how it is feasible to create a regular and timely threat forecast. However, it is only the first step in developing a proper risk management strategy. You must place threat forecasts into context by which I mean that for a bad

Read More

Modeling Reality: Under Attack

From the Developer’s Desk, by Erik Anderson. Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the second installment. Last week we discussed our vulnerability model; on the other side of that coin are the attacks. In our system

Read More

Modeling Reality: The Life of a Vulnerability

From the developer’s desk, Erik Anderson Modeling Reality is a series of blog posts describing how real world scenarios are modeled by our software. This is the first installment. The average end user has a rather simplistic view of a software vulnerability: they receive a notification telling them to update

Read More