Tag: Kenna

  • Response to Kenna Security’s Explanation of the DBIR Vulnerability Mess

    [This was originally published on the OSVDB blog.] Earlier this week, Michael Roytman of Kenna Security wrote a blog with more details about the vulnerability section of the Verizon DBIR report, partially in response to my last blog here questioning how some of the data was generated and the conclusions put forth. The one real […]

  • A Note on the Verizon DBIR 2016 Vulnerabilities Claims

    [This was originally published on the OSVDB blog.] [Updated 4/28/2016] Verizon released their yearly Data Breach Investigations Report (DBIR) and it wasn’t too long before I started getting asked about their “Vulnerabilities” section (page 13). After bringing up some highly questionable points about last year’s report regarding vulnerabilities, several people felt that the report did […]