A fluid and effective Vulnerability Management Framework, a core pillar in most Enterprise Security Architectures (ESA), remains a continual challenge to most organizations. Ask any of the major breach targets of the past several years. This talk applies the recent OWASP Application Security Verification Standard (ASVS) 2014 framework and applies it to Enterprise Vulnerability Management in an attempt to make a clearly complicated yet necessary part of your organization's ESA much more manageable, effective and efficient with feasible recommendations, based on your business' needs.

Rockie Brockway is the Information Security and Business Risk Director at Black Box Network Services and BSidesCleveland organizer. With over two decades in InfoSec/Risk, Rockie teams with clients to understand the value and location of business critical data in an effort to further enable organizational innovation and to protect the brand.

Back to BSides Detroit 2015 video list