Threat Exposure Management Solutions Forum

  • Friday, 02 Dec 2022 11:00AM EST (02 Dec 2022 16:00 UTC)
  • Speaker: Chris Dale

Threat Exposure Management (TEM) is a new approach to security designed to help organizations identify, prioritize and manage unexpected risks or exposures. This approach differs from standard threat management practices by taking a contextual view of threats, focusing on establishing a process for how information is collected and integrated together to inform better and faster decision making. 

Though the term, threat exposure management, is new, the concepts behind it are not. Threat exposure management is about combining an organization’s existing asset and vulnerability management capabilities with a new suite of tools. This process is designed to close gaps and develop a process for determining attackability and reducing risk in a quick and logical way. 

This half-day event will bring together thought leaders, subject matter experts and practitioners to discuss, share and discover best practices for addressing the operational challenges associated with work-from-home transitions, cloud migrations, M&A, shadow IT and the rise of ransomware attacks.

Topics include:

  • Understanding Threat Exposure Management 
  • External Attack Surface Management
  • Eliminating Shadow IT 
  • Integrating ASM with SOAR, SIEM & TIP Platforms
  • Managing Third Party Risk


As an added bonus, one lucky registrant will be chosen as the recipient of a SANS Course valued at $8200!! *** All event registrants will be entered in a drawing for a complementary SANS Course of your choice sponsored by Randori.*** (Travel & hotel expenses not included).

Join the SANS Solutions Forum Interactive Slack Workspace for this event (and all SANS Forums)! Connect once and you're set for all events in 2022!



Agenda | December 2, 2022 | 11:00 AM - 2:45 PM EST

Timeline (EST)

Session Details

11:00 AM

Welcome & Opening Remarks

Chris Dale, Principal Instructor, SANS Institute

11:20 AM

Exposure Management - The Integration of Threat Intelligence, Attack Surface and Vulnerability Management into Threat Management Programs

Threat management programs aiming to establish visibility, detection, investigation and response are becoming more complex as infrastructure and workforces expand and adapt. This not only makes threat management more challenging, but can also dramatically increase our exposure to attack. So how can we do a better job of proactively understanding and reducing the risks and exposures associated with this disparate environment, while simultaneously significantly reducing the stress on our threat management systems and teams? Join us to hear what we have learned from thousands of engagements in this developing field, which we are referring to as Exposure Management. This approach has the goal helping organizations reduce risk and inefficiencies and get the most out of the tools, processes and people that they have. All while enabling the business to evolve and thrive.

Sanara Marsh, Director, Product Marketing, Randori, an IBM Company

11:55 AMBreak
12:15 PM
Automating the Attacker’s Perspective - An Inside Look Into How Hackers Prioritize Targets at Scale

Join, Evan Anderson, Co-Founder & Principal Technologist at Randori, an IBM Company, for an exciting session that dives into the fast-paced world of offensive security. It’s clear from talking with hundreds of organizations that attackers and defenders often come to dramatically different conclusions around risk - even when looking at the same information. In this session, switch teams for a day as we pull back the curtain behind the system that keeps one of the world’s most advanced attack platforms on target 24/7/365. Through examples, Evan will show how Randori, IBM X-Force Red, (and real attackers) are leveraging AI and decades of experience to discover, classify and prioritize millions of targets daily across some of the world’s largest organizations. He’ll break down the 6 “tempting” factors every vulnerability team should be using to prioritize risk.

Evan Anderson, Principal Technologist, Randori, an IBM Company

12:50 PM
Shadow IT Elimination: 5 Workflows Every Security Team Needs

In this practical session, Randori Director of Product Marketing, Sanara Marsh, will break down 5 proven workflows, taken from most effective security teams, you can adopt to minimize your Shadow IT Risk. Attendees will gain in-depth insight into how to integrate ASM with vulnerability management, asset management, ticketing, threat intelligence and cloud providers. Each will include real-world examples of how companies like Air Canada, Lionbridge, NOV, and more are using these workflows to eliminate Shadow IT.

Isabella Rocha, Technical Product Marketing Manager, Randori, an IBM Company

1:25-1:40 PM
Closing Remarks

Chris Dale, Principal Instructor, SANS Institute