Risk assessments, metrics and frameworks

Get the help you need with your security risk assessments with this resource guide. Get the latest news, advice and analysis on risk assessment frameworks and metrics for enterprise security programs and discover which ones are right for your business.

New & Notable

Download this free guide

Free Guide: Root Causes of the Cybersecurity Skills Shortage

Our editorial director sat down with David Shearer, CEO of (ISC)², for a Q&A where they discussed what is (and isn’t) contributing to the cybersecurity skills shortage in the United States and how to fix the problem.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Risk assessments, metrics and frameworks News

February 26, 2019 26 Feb'19
CERT/CC's Art Manion says CVSS scoring needs to be replaced

Security expert Art Manion discusses what he calls major problems within the Common Vulnerability Scoring System and explains why CVSS needs to be replaced.
November 30, 2018 30 Nov'18
Mitre enters product testing with Mitre ATT&CK framework

The first round of evaluations using the Mitre ATT&CK framework has gone public, putting on display how different endpoint products detect advanced threat activities.
June 01, 2018 01 Jun'18
Federal cybersecurity report says nearly 75% of agencies at risk

The 'Federal Cybersecurity Risk Determination Report and Action Plan' shows the majority of federal agencies are at risk, and DHS suggests a lack of leadership may be to blame.
March 09, 2018 09 Mar'18
Tenable introduces Lumin cyber exposure platform

Tenable.io Lumin enables organizations to gauge their 'cyber exposure' to vulnerabilities and allows them to compare remediation efforts against industry benchmark data.

View All News

Risk assessments, metrics and frameworks Get Started

Bring yourself up to speed with our introductory content

What Moody's cyber-risk ratings mean for enterprises

Moody's announced it will soon begin composing cyber-risk ratings for enterprises. Kevin McDonald explores the move and what it could mean for enterprises and the infosec industry. Continue Reading
Endgame's Devon Kerr on what it takes to be a threat hunter

Threat hunting goes beyond mere monitoring and detection. Endgame's Devon Kerr explains tomorrow's threat hunters and the keys to successful cyberthreat hunting. Continue Reading
risk analysis

Risk analysis is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or critical projects in order to help organizations avoid or mitigate those risks. Continue Reading

View All Get Started

Evaluate Risk assessments, metrics and frameworks Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Who needs security orchestration, automation and response?

Who needs SOAR? Only those companies with understaffed, overworked IT security teams. Learn how SOAR tools free up security pros to tackle the more demanding projects. Continue Reading
Plugging the cybersecurity skills gap with security automation

Security automation and response promises to help alleviate the shortage of qualified cybersecurity pros. Learn how SOAR helps security teams work smarter, not harder. Continue Reading
Using threat intelligence tools to prevent attacks on your enterprise

Using threat intelligence tools can help your enterprise stay one step ahead of attackers and possible threats. Learn how threat intelligence can be used in your company. Continue Reading

View All Evaluate

Manage Risk assessments, metrics and frameworks

Learn to apply best practices and optimize your operations.

Automating incident response with security orchestration

Security orchestration, automation and response technology is now seen as a key aid to security pros attempting to thwart an onslaught of cyberattacks. Continue Reading
CISOs build cybersecurity business case amid attack onslaught

Continue Reading
How the SHA-3 competition declared a winning hash function

NIST tested competing hash functions over a period of five years for the SHA-3 algorithm competition. Learn the details of what they discovered from Judith Myerson. Continue Reading

View All Manage

Problem Solve Risk assessments, metrics and frameworks Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How automated patch management using SOAR can slash risk

Learn how to use security orchestration, automation and response, also known as SOAR, to ease the hassle of mundane tasks related to patch management. Continue Reading
Find network security vulnerabilities by assessing risk

IT staff needs to regularly review network security vulnerabilities and security gaps to battle rising cybersecurity breaches and keep costs under control through risk assessments. Continue Reading
Zero-trust model promises increased security, decreased risk

The zero-trust model takes focused and sustained effort, but promises to improve most companies' risk posture. Learn what it takes to get the most out of zero trust. Continue Reading

View All Problem Solve