Hands-on, immersive CTI courses at the Cyber Threat Intelligence Summit & Training in January! Register for the free Summit!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

If All Is Quiet, Are You Really Secure? Understanding Zero-Day Vulnerabilities

  • Thursday, December 11, 2014 at 3:00 PM EST (2014-12-11 20:00:00 UTC)
  • Michael Roytman, Jayson Jean


  • Risk I/O
  • VeriSign, Inc.

You can now attend the webcast using your mobile device!



One of the biggest challenges facing security teams today is staying up-to-date on the ever-changing security threat landscape. Cyber criminals now have access to a massive arsenal of zero-day vulnerabilities, and they are being sold on the open market to the highest bidder. And according to Verisign iDefense research, over 80% of those zero-day vulnerabilities detected are classified as "high severity."

Knowing that the zero-day market place is thriving changes the dialogue from "zero-days are too rare and infrequent to spend time on", to "they are already here and you might just not know it". It's no longer a question of if you will encounter zero-days, but how do you plan to locate, prioritize and remediate the ones already knocking on your door. The only defense is having advanced knowledge of exactly which attacks are most likely to be successfully launched against your environment and leveraging a risk-based prioritization method to shrink your attack surface.

In this webinar, attendees will hear from Versign's Jayson Jean, Director of Vulnerability Management and Risk I/O's Michael Roytman, Data Scientist as they illustrate the need for zero-day awareness, including:

  • The discovery of a zero-day and its potential impact.
  • Using zero-day vulnerability information to detect critical risks in your environment.
  • Understanding which part of your infrastructure is impacted.
  • Suggested actions to take while waiting for a fix to become available.
  • Evaluating and communicating both the likelihood and impact to your organization

Speaker Bios

Jayson Jean

Jayson Jean is the Director in charge of the strategic direction and fulfillment of product requirements for iDefense’s Vulnerability Management solution set portfolio. Operationally, Jayson provides management oversight for both the Vulnerability Research Lab and Vulnerability Exploit Intelligence functional components. Jayson brings more than 15 years of technical experience in the software, telecommunications and security industries. Early in his career, he worked at several start-up companies as a network engineer. Prior to joining Verisign, Jayson worked for Science Applications International Corporation (SAIC), where he served as a security analyst for the US Department of Homeland Security (DHS).

Michael Roytman

Michael Roytman is responsible for building out Risk I/O’s predictive analytics functionality, and has been selected to speak at some of the top information security events on this topic, including BSides, Metricon and SIRACon. He formerly worked in fraud detection in the finance industry, and holds an MS in Operations Research from Georgia Tech. His home in Chicago contains a small fleet of broken-down drones.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.