One problem which has been lingering for too long in the security industry is the concept that “security research” has long been way more of an art than a science. As our industry matures, we need to change this approach and add more scientific rigor to our industry.
This is why at Tenable, we decided to take a pragmatic and formal approach to research. We believe that there’s an urgent need to make the internet a safer place for everyone. For us, that begins with a singular focus on pinpointing security problems and sharing our findings quickly, openly and responsibly with the broader tech community.
Today we’re unveiling Quantifying the Attacker’s First-Mover Advantage – a first-of-its-kind study that looks at the immediate, crucial moves that security teams and their adversaries make in the hours or days after a vulnerability is first discovered. This type of study is important for our industry as we continue to hone the discipline and rigor that we apply to driving security into the very heart of every digital organization. Moreover, Quantifying the Attacker’s First-Mover Advantage indicates that security is a sprint, not a marathon and that the way the race begins has tremendous implications for how it will end. It also underscores the need for a more agile approach to security, a CI/CD-inspired cyber program more in sync with the realities of today’s dev cycles, if you will.
We believe that this type of research is one fundamental way that we can help to keep people safer. It’s one of the ways we give back to the community.
Expect to hear more from our researchers over the next few weeks as we unveil new, original research.