Welcome!

Related Topics: Cloud Security, Java IoT, Linux Containers, Agile Computing

Cloud Security: Blog Post

Risk I/O Is a One-Stop-Shop for Identifying the Most Critical Risks

RSA Interview with Ed Bellis, CEO and Cofounder of Risk I/O

Thanks for taking the time to answer my questions. Please tell us, what is Risk I/O all about and what do you do?

Ed Bellis: To really understand a company's risk, you can't look at threats and vulnerabilities separately; you have to bring them together in context. This is exactly what we've done at Risk I/O. We emerged in 2012 as the first SaaS platform to use big data security analytics to tell a security pro two important things: number one: which vulnerabilities pose the greatest risk to their organization, and number two: their likelihood of experiencing a breach. Our platform finds the most critical security issues within an organization and prioritizes what's most important.

What are you launching at RSA?

Bellis: Risk I/O has fully updated its user interface and streamlined the process from identifying a critical vulnerability to remediation in a single click. We're now offering a free a risk profile to anyone through our public RiskDB application, which takes into account the threat data that we're collecting and gives you a technology risk profile of your organization.

Additionally, we're bundling in perimeter scanning, so we've become a one-stop-shop for identifying the most critical risks. Customers no longer require additional security tools in order to identify these risks.

Who is your target audience and how do you intend to reach them? What is the biggest challenge you face right now in telling your story and winning over new clients?

Bellis: For Risk I/O, while our customers span from the Fortune 10 all the way down to SMB, our primary target has been the mid-markets and small enterprise. Our customers/users are typically in information security or have information security responsibilities. So, it could range from being a Chief Security Officer in a large organization to a Network Administrator in smaller organizations.

The biggest challenge we face, is educating the market that the existing way of doing business simply doesn't work. What I mean by this, is traditionally, to assess security risks and prioritize what is most important, this usually falls on teams of people sorting through the data, spreadsheets, and writing their own scripts. As an emerging tech company, we're branding ourselves in this new space.

I'd be curious to hear any general thoughts you have on market trends...

Bellis: Specifically, talking about vulnerability management, the first evolution was vulnerability assessment, or, to put it another way, customers wanted to know where are all my vulnerabilities? Now, we've got to the stage, where they know where their vulnerabilities are, and they're everywhere. The next problem to solve is what do I do next? What do I fix first? How do I fix them?

At Risk I/O, we believe that using real-world and real-time data is going to help in the decision-making process and prioritization will become key to this segment.

What's the business model? How will you make money?

Bellis: As a business model, Risk I/O operates as a Software as a Service, and we sell subscriptions to our product. We offer subscriptions that are monthly or annually and are based on the number of technology assets an organizations is managing. We start our pricing at $1 per asset, per month, and offer bulk discount as the number of assets go up.

Who are your competitors?

Bellis: Far and away, the current way of doing business, which, again, are teams of people going through spreadsheets and writing their own scripts, and trying to figure out through lots of time and people resources, what's a priority. The reality is, the current way of doing business just isn't working.

How do you differentiate from your competitors?

Bellis: What really sets Risk I/O apart is that we give you the visibility outside your network, outside of your firewall, to let you know what the threat landscape looks like and what are the most important issues you have internally. So, we use real-world, real-time data to help you make better security decisions.

Who founded the company, when? What can you tell me about the story of the company's founding?

Bellis: In 2010, I cofounded Risk I/O with our CTO Jeff Heuer. A little background on me, I was a former Chief Information Security Officer at Orbitz for about six years, where I was dealing with the very problem that we're solving at Risk I/O. Originally, I reached out to peers at Orbitz thinking there would had to be a solution in market, only to find that they were dealing with the same issue I was. So, that's when I gave my Cofounder Jeff a call and expressed the need to build a solution to solve this very real, very big problem.

What is your distribution model? Where to buy your product?

Bellis: We're a SaaS model, and you can sign-up directly on website and everyone gets a 30-day free trial. More information here, https://www.risk.io/

What's next on your product roadmap?

Bellis: We're looking to expand the amount of threat sources that we use both internally and externally. We'll continue to work through additional distribution partners and add integrations into more vulnerability assessment tools as well as remediation management tools.

What else would you like to add?

Bellis: Check out our white paper on Adopting A Real-Time,  Data-Driven Security Practice

Risk I/O is a threat management platform that processes external Internet breach and exploit data with an organization's vulnerability scan data to monitor, measure and prioritize vulnerability remediation across their IT environment. As a result, organizations know their likelihood of experiencing a breach and what vulnerabilities pose the greatest risk. Risk I/O processes over a billion vulnerabilities a month against Internet breach data for its users. Risk I/O is used by over 800 companies, including multiple Fortune 500 companies and two from the Fortune 10. Backed by US Venture Partners, Tugboat Ventures, Costanoa Venture Capital, and Hyde Park Angels, Risk I/O is headquartered in Chicago, IL. More information about Risk I/O can be found at www.risk.io

More Stories By Xenia von Wedel

Xenia von Wedel is a Tech blogger and Enterprise Media Consultant in Mountain View, serving clients in a variety of industries worldwide. She is focused on thought leadership content creation and syndication, media outreach and strategy. She mainly writes about Enterprise, B2B solutions, social media and open source software, but throws the occasional oddball into the mix. Buy her a coffee if you like her article: http://xeniar.tip.me

Latest Stories
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
I wanted to gather all of my Internet of Things (IOT) blogs into a single blog (that I could later use with my University of San Francisco (USF) Big Data “MBA” course). However as I started to pull these blogs together, I realized that my IOT discussion lacked a vision; it lacked an end point towards which an organization could drive their IOT envisioning, proof of value, app dev, data engineering and data science efforts. And I think that the IOT end point is really quite simple…
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build their business on public cloud were challenged to run Big Data processing and analytics at scale. But recent advancements in Hadoop performance, security, and most importantly cloud-native integrations, are giving organizations the ability to truly gain value from all their data. In his session at 19th Cloud Expo, David Tishgart, Director of Product Marketing ...
SYS-CON Events announced today that eCube Systems, a leading provider of middleware modernization, integration, and management solutions, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. eCube Systems offers a family of middleware evolution products and services that maximize return on technology investment by leveraging existing technical equity to meet evolving business needs. ...
StarNet Communications Corp has announced the addition of three Secure Remote Desktop modules to its flagship X-Win32 PC X server. The new modules enable X-Win32 to safely tunnel the remote desktops from Linux and Unix servers to the user’s PC over encrypted SSH. Traditionally, users of PC X servers deploy the XDMCP protocol to display remote desktop environments such as the Gnome and KDE desktops on Linux servers and the CDE environment on Solaris Unix machines. XDMCP is used primarily on comp...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
Aspose.Total for .NET is the most complete package of all file format APIs for .NET as offered by Aspose. It empowers developers to create, edit, render, print and convert between a wide range of popular document formats within any .NET, C#, ASP.NET and VB.NET applications. Aspose compiles all .NET APIs on a daily basis to ensure that it contains the most up to date versions of each of Aspose .NET APIs. If a new .NET API or a new version of existing APIs is released during the subscription peri...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
SYS-CON Events announced today that StarNet Communications will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. StarNet Communications’ FastX is the industry first cloud-based remote X Windows emulator. Using standard Web browsers (FireFox, Chrome, Safari, etc.) users from around the world gain highly secure access to applications and data hosted on Linux-based servers in a central data center. ...
SYS-CON Events announced today that Hitrons Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Hitrons Solutions Inc. is distributor in the North American market for unique products and services of small and medium-size businesses, including cloud services and solutions, SEO marketing platforms, and mobile applications.
As the world moves toward more DevOps and Microservices, application deployment to the cloud ought to become a lot simpler. The Microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. Serverless computing is revolutionizing computing. In his session at 19th Cloud Expo, Raghav...
Pulzze Systems was happy to participate in such a premier event and thankful to be receiving the winning investment and global network support from G-Startup Worldwide. It is an exciting time for Pulzze to showcase the effectiveness of innovative technologies and enable them to make the world smarter and better. The reputable contest is held to identify promising startups around the globe that are assured to change the world through their innovative products and disruptive technologies. There w...
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...