Security Vulnerability Prioritization: Managing Millions of Vulns

  • Friday, 22 Nov 2019 3:30PM EST (22 Nov 2019 20:30 UTC)
  • Speaker: Jonathan Risto

Do you feel that your vulnerability management program is overwhelmed with repots of problems that need to be fixed? 'Does it feel like the program is chasing its tail and not getting ahead? 'Within vulnerability management, vulnerability prioritization is a key aspect of any program, by helping us understand what vulnerability needs to be actioned before others. 'Whether you are using CVSS or leveraging threat intelligence, prioritization methods help wade through the noise and understand what is important within our environment.

Based on material in the SANS MGT516 class, this webcast will detail the different methods that can be used for prioritization: vulnerability centric, asset centric and threat centric prioritization and present a 5 level maturity model for vulnerability prioritization.