INTERFACE Seattle
December 6th, 2019

Presented by Kenna Security

With an exponential increase in the volume and velocity of new vulnerabilities, it is no wonder that today's InfoSec and operations teams find it difficult, if not impossible, to meet the increasing demands of remediation. That is before accounting for internal corporate policies or politics, which present significant barriers as well. It is not uncommon to discuss a prospective customer's VM program with them, only to find out that they are using spreadsheets to manage the load. They then hand off their "prioritized" workload to a group of admins who are not bound to the same policies or procedures. The average enterprise today has hundreds of thousands to millions of vulnerabilities spread across tens of thousands of assets. A great many of these organizations continue to rely on CVSS scoring as the only benchmark. The latest research shows us that if you base your remediation strategy on fixing CVSS 7 or greater, your efforts will yield the same effectiveness as randomly choosing any set of active vulns in your environment to address. It is about 22% effective in either scenario. The purpose of this presentation is to discuss and explore more effective ways to address such challenges and roadblocks. In particular, how does a practitioner better prioritize and communicate with their various internal colleagues to improve their workflow and posture?