A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Building a Scalable Vulnerability Management Program for Effective Risk Management - Katie Perry Bloomcon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Building a Scalable Vulnerability Management Program for Effective Risk Management
Katie Perry

Bloomcon 2017

Multiple technologies can automate the identification of vulnerabilities across an IT environment. However, these tools often return massive amounts of data that leave the security team wondering how to prioritize findings, incorporate remediation into existing processes, and report results to executive leadership. This talk will review solutions based on implementations at various organizations, including Visa, Inc. The end goal is to: automate as much of the vulnerability lifecycle as is practical; clearly communicate associated risk to both technical and non-technical audiences; develop technology that enables all stakeholders and participants (administrators, executives, system owners, auditors, etc.) to complete their responsibilities most efficiently; and meet any compliance requirements.

Katie Perry is interim Director of Information Security Operations at Discovery Communications, home of the Discovery Channel. She is responsible for overseeing vulnerability management, incident response, and web application security functions. Prior to her career at Discovery, Katie was a security engineer at Visa and a consultant to a variety of public and private organizations. She founded a security consulting firm, Verismo Security, LLC, in 2015. Katie holds CISSP and CEH certifications and is a member of the Northern Virginia chapter of ISSA.

Back to Bloomcon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast