Build crucial cyber security skills through interactive training during SANS Cyber Security Mountain 2021. Save $150 thru 6/30.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Prioritizing the security backlog

  • Thursday, October 15, 2020 at 10:30 AM EST (2020-10-15 14:30:00 UTC)
  • Alyssa Miller, Ismael Valenzuela


  • Snyk

You can now attend the webcast using your mobile device!



Live Debate:

Developers are increasingly taking more and more responsibility for finding and fixing the security vulnerabilities in their apps. When they do so, however, theyre often faced with a long backlog of vulnerabilities. Already stretched for time and resources, and under constant pressure to roll out functional and secure code more rapidly and frequently, the only way developers can tackle these backlogs is by prioritizing effectively.

Deciding which issue to address first is hard, and requires not only time but also security expertise and context that allows developers to quickly and accurately assess the threat the vulnerability poses to the organization. Developers will often not possess these key ingredients and so need to rely on specialized tools for support. In this webinar, we will see how Snyk helps organizations drive effective prioritization decisions by providing development and security teams with a suite of developer-first prioritization capabilities.

Speaker Bios

Alyssa Miller

Alyssa Miller is a hacker, security advocate, cyber security professional and public speaker with almost 15 years of experience in the security industry. Her experience includes penetration testing, threat modeling and working with business leaders to build enterprise security programs. She speaks internationally at industry, vendor, and leadership conferences on topics ranging from technical security vulnerabilities, to high-level security program strategies, to issues within the security community itself. She is a member of the Chapter Leader for Women of Security (WoSEC), an Advisory Board member for Blue Team Con in Chicago, and she currently works as an Application Security Advocate for London-based Snyk Ltd.

Ismael Valenzuela

SANS Certified Instructor Ismael Valenzuela ( is coauthor of the CyberDefense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering, and holds many professional certifications, including the highly regarded GIAC Security Expert (GSE #132).

Since he founded one of the first IT Security consultancies in Spain, Ismael Valenzuela has participated as a security professional in numerous projects across the globe over the past 19 years. Prior to his current role as Senior Principal Engineer at McAfee, where he leads research on threat hunting using machine-learning and expert-system driven investigations, Ismael led the delivery of SOC, IR & Forensics services for the Foundstone Services team within Intel globally. Previously, Ismael worked as Global IT Security Manager for iSOFT Group Ltd, one of the world's largest providers of healthcare IT solutions, managing their security operations in more than 40 countries.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.