How to Show Business Benefit by Moving to Risk-Based Vulnerability Management

  • Tuesday, 11 Aug 2020 2:00PM EDT (11 Aug 2020 18:00 UTC)
  • Speakers: John Pescatore, Nathan Wenzler

Vulnerabilities are relentless and exploited by targeted attacks faster than ever with damaging results to business. Study after study shows that most successful attacks exploit well known vulnerabilities with existing patches. Most businesses already do some form of vulnerability scanning but for many, time to remediate has not gone down. Yet some organization have broken out of this pattern 'how have they done it?

One of the key difference makers has been evolving to risk-based vulnerability management. IT operations resources and change windows are scarce resources. Mature, risk-based vulnerability management incorporates fresh and accurate asset inventory and criticality identification, active threat intelligence and automation support to prioritize the most business-critical risks and focus resources on fixing the most business-damaging exposures first.

This webcast will help security managers determine their current vulnerability management baseline using a SANS-developed set of RBVM patterns. From there, SANS Director of Emerging Trends John Pescatore and a representative from Tenable will explore:

  • How to do a gap analysis to choose proven approaches for moving to RBVM
  • Selection criteria for evaluating products and vendor
  • Lessons learned for reducing time to mitigate and showing business benefit

Register today and be among the first to receive the associated whitepaper written by John Pescatore.