Vulnerability Wrangling

12th December 2018

11:00 a.m. EST / 4 p.m. GMT

The term wrangler came into vogue in the 1800s (reaching peak usage around the 1850s) and was used to describe young men who managed mounts for cowboys . In this session you will not find cowboys of the western classic variety but modern wranglers of vulnerabilities.

Vulnerabilities have been overwhelming security practitioners for years. Currently an average of 19 CVEs are published every day. They've increased at scale greater than our ability to manage them. As this number scales every upward, so does the risk of overlooking important issues - losing them in the noise and chaos.

In this session, our security expert, Mark Arnold, will present his perspectives on the current vulnerability landscape to help the audience assess risk, understand abstraction, and prioritize remediation.

He will discuss issues pertinent for wrangling vulnerabilities:

  • Vulnerability coverage
  • CVE
  • CVSS scoring
  • Prioritization and more.

Attendees will learn from his insights and mistakes, drawing upon his experiences to avoid common pitfalls encountered when managing vulnerabilities.

Attendees will learn:

- An understanding of what is and will remain broken

- A strategy for navigating the current state of vulnerability management

- Approaches towards proactive remediation

“Without vulnerabilities there is no risk” (@JKOUNS, RISK BASED SECURITY” CIRCA 2013). Without wranglers we are doomed.