Multiple technologies can automate the identification of vulnerabilities across an IT environment. However, these tools often return massive amounts of data that leave the security team wondering how to prioritize findings, incorporate remediation into existing processes, and report results to executive leadership. This talk will review solutions based on implementations at various organizations, including Visa, Inc. The end goal is to: automate as much of the vulnerability lifecycle as is practical; clearly communicate associated risk to both technical and non-technical audiences; develop technology that enables all stakeholders and participants (administrators, executives, system owners, auditors, etc.) to complete their responsibilities most efficiently; and meet any compliance requirements.

Katie Perry is interim Director of Information Security Operations at Discovery Communications, home of the Discovery Channel. She is responsible for overseeing vulnerability management, incident response, and web application security functions. Prior to her career at Discovery, Katie was a security engineer at Visa and a consultant to a variety of public and private organizations. She founded a security consulting firm, Verismo Security, LLC, in 2015. Katie holds CISSP and CEH certifications and is a member of the Northern Virginia chapter of ISSA.

Back to Bloomcon 2017 video list