Kenna Security
Kenna Security is a cybersecurity company that provides a risk-based vulnerability management platform for enterprises to prioritize and manage security vulnerabilities using data science and threat intelligence.
- Risk-based vulnerability management platform for enterprise environments (vulnerability management)
- Use of data science and predictive analytics to score and prioritize vulnerabilities (security analytics)
- Ingestion and correlation of asset, vulnerability, and threat intelligence data from multiple security tools (security data aggregation)
- Support for integration with existing Security Operations (SecOps), ticketing, and workflow systems (security operations integration)
- Dashboards and reporting to support security, IT, and executive stakeholders in risk-based decision-making (security reporting)
More About Kenna Security
Kenna Security focuses on risk-based vulnerability management for enterprises that operate complex IT estates with large volumes of security findings from scanners, endpoints, cloud services, and application security tools. Its core platform ingests vulnerability and asset data from existing security scanners and IT management systems, correlates this information with external threat and exploit intelligence, and then generates risk scores to help security and IT teams decide which vulnerabilities to remediate first. This orientation toward risk scoring is designed to address the common scenario in which organizations have more vulnerabilities than they can remediate within standard maintenance windows.
The platform is positioned for enterprise SecOps centers, vulnerability management teams, and IT operations groups that require a way to align remediation activity with business risk rather than treating all vulnerabilities equally. By using data science and predictive models (security analytics), Kenna Security ranks vulnerabilities based on observed exploitation in the wild, exploit availability, asset context, and other factors. This approach aims to support workflows where security teams can focus on a subset of vulnerabilities that present higher risk to the organization, while de-prioritizing less likely exploitation paths.
Kenna Security commonly integrates with network and host vulnerability scanners, endpoint security tools, Security Information and Event Management (SIEM) platforms, CMDBs, ticketing systems, and collaboration tools (security operations integration). These integrations allow vulnerability and asset data to flow into the Kenna platform and enable prioritized remediation tasks to be pushed into IT service management or DevOps workflows. The platform typically exposes dashboards and analytics views tailored to different stakeholders, such as security engineers monitoring high-risk vulnerabilities, IT operations staff managing patch queues, and executives tracking risk posture over time.
Architecturally, Kenna Security operates as a cloud-based platform (security Software-as-a-Service (SaaS)) that aggregates data at scale from distributed enterprise environments. It applies correlation and scoring logic over this data, often using APIs and connectors to third-party systems. In marketplace and directory taxonomies, Kenna Security aligns with categories such as vulnerability management, risk-based vulnerability prioritization, and security analytics. Organizations use it alongside existing scanning, detection, and response tools to provide a risk context layer that informs remediation decisions, reporting, and resource allocation for enterprise security programs.