addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwchatcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgoogleimageimagesinstagramlinklocation-pinmagnifying-glassmailminusmoremuplabelShape 3 + Rectangle 1outlookpersonplusprice-ribbonImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruseryahoo

Vulnerability & Exploit Trends: A Deep Look Inside The Data


This talk is a different take on vulnerability statistics. Instead of examining vulnerability definitions from nvd, osvdb, etc - we look at live vulnerabilities on real networks - millions of them.  Instead of examining a single tool, this talk represents the aggregation of data from 20 of the leading security tools on the market and a thorough review of the data they generate.  

First, we examine the overlapping data generated from the aforementioned tools. Next, we will compare and contrast it with the output of multiple breach reports and databases, and extract trends that may be important in helping us reduce the number of breaches in the future. The corpus of this research is from over 30,000,000 vulnerabilities analyzed from the past 12 months, generated from across some of  the largest corporations in the world.

We'll use this data to discuss how people are remediating vulnerabilities, how effective their efforts are, and how they could do a little bit better.


Michael is responsible for building out Risk I/O's predictive analytics functionality. He formerly worked in fraud detection in the finance industry, and holds an MS in Operations Research from Georgia Tech. In his spare time he tinkers on everything from bikes to speakers to cars, and works on his pet project: outfitting food trucks with GPS.

Ed is the CoFounder of Risk I/O a vulnerability intelligence Software as a Service that centralizes, correlates and automates the entire stack of security vulnerabilities and remediation workflow. Ed has over 20 years of experience in information security and technology. He is a frequent speaker at information security events across North America and Europe. Additionally, Ed is a contributing author to the book Beautiful Security by O'Reilly and a blogger on CSO Online.

Join or login to comment.

  • Kofi

    Very informative. Big thanks to the organizers and presenters. Looking forward to more of this.

    1 · September 27, 2013

  • Ryan B.

    Hey guys,

    Here are the slides from the presentation last night.

    September 27, 2013

  • Bernie L.

    This makes sense. I believe it is going in the right direction. Good guys are falling behind everyday. This is a good step to leap frog instead of just relying on faster CPU to catch up.

    1 · September 27, 2013

  • Ryan B.

    Awesome presentation by Michael and Ed and big thanks to Akamai for hosting!

    September 27, 2013

  • Michael A. A.

    Outstanding -- one of the best we've done. The industry has been looking at remediation all wrong, and Risk I/O is using actual science and data to show us what to do differently.

    September 27, 2013

  • Gregorie T.

    Running late but I'll be there before 7!

    September 26, 2013

    • Mike M.

      Still doing introductions.

      September 26, 2013

  • Logan S.

    Let's make this one as good as the last one Ryan!

    September 26, 2013

  • nicolai s.

    This is going to be awesome

    September 25, 2013

  • Martin O.


    I cant attend because:

    We are excited to inform you that your WindyCitySDR has been selected to be a showcased start-up at Tech Cocktail's Chicago Mixer & Startup Showcase sponsor by Speaker Series on Thursday, September 26th, 2013:

    September 24, 2013

Our Sponsors

  • Workbridge

    Free beer and pizza and a place to meet in The Loop

People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy