Context is king; Prioritization is queen, and CVSS is dead

A talk by Francesco Cipollone
CEO and Founder, Appsec Phoenix

14 December 2022, 03:00 PM

Have you booked your place yet?

By submitting you agree to the Terms & Privacy Policy
Book my place

About this talk

CVSS, CVE, Vulnerabilities and the land of broken dreams, Stop your tiers and start with a risk approach and contextual view of vulnerabilities


Abstract 

Vulnerability tooling is increasing, security advisories are faster, and teams are leaner. Have we lost the battle of vulnerabilities, is shift left and is security everyone’s problem working? 

We present a risk and cyber quantification view on vulnerabilities across cloud, application, and infrastructure addressing modern approaches to cybersecurity from the point of view of the product security team. 

We will walk several use cases that shows how context, prioritization, probability and impact analysis can be used to improve which vulnerability to solve first 


Publications:


https://appsecphoenix.com/context-is-king-in-appsec-cloudsec/


https://appsecphoenix.com/prioritize-vulnerabilities-risk-context-vulnerability-appsec-cloudsec/


https://appsecphoenix.com/vulnerability-timelines-sla-measurement-and-prioritization-the-how-and-the-why-of-application-and-cloud-security-objective-setting/


Whitepaper:


https://appsecphoenix.com/whitepapers-resources/whitepaper-vulnerability-management-in-application-cloud-security/

For more info on this session, please visit the session page on the Summit's website.


Tracks covered by this talk

Sponsor this Event

Your logo could go here!

If you'd like to get your brand in front of attendees contact us.

Loading content...

Loading content...