Sashank Dara

Demystifying Risk and the Future of Vulnerability Management

A Talk by Sashank Dara

About this Talk

This talk provides the shortcomings in current vulnerability scoring techniques like CVSS, and EPSS when it comes to triaging vulnerabilities. Provides directions, scientific foundations and use cases of how to build more robust vulnerability management programs that are driven by risk-based decisions. This talk also gives a sneak peek into current state of art research, use cases and open problems in this fascinating and emerging area of "Cyber Risk Intelligence" (Not to be confused with Cyber Threat Intelligence). The talk content is based on the experiences of the speaker working with numerous clients globally and at the same time humble attempt to push the technology boundaries of cyber risks

Publication:

  • Risk Prioritization (https://seconize.co/blog/how-to-prioritize-cloud-native-vulnerabilities/),
  • Cyber Risk Management 101 ( https://www.youtube.com/watch?v=SzFSQqQNYCM&t=6s ) ,
  • Cyber Risk Intelligence (https://youtube.com/watch?v=3qCGMMcOn_o),
  • Free Risk Scoring Tool (https://riskscore.info - TBA)

For more info on this session, please visit the session page at the Summit's website

13 December 2022, 02:00 PM

02:00 PM - 03:00 PM

About The Speaker

Sashank Dara

Sashank Dara