About this Talk
This talk provides the shortcomings in current vulnerability scoring techniques like CVSS, and EPSS when it comes to triaging vulnerabilities. Provides directions, scientific foundations and use cases of how to build more robust vulnerability management programs that are driven by risk-based decisions. This talk also gives a sneak peek into current state of art research, use cases and open problems in this fascinating and emerging area of "Cyber Risk Intelligence" (Not to be confused with Cyber Threat Intelligence). The talk content is based on the experiences of the speaker working with numerous clients globally and at the same time humble attempt to push the technology boundaries of cyber risks
Publication:
- Risk Prioritization (https://seconize.co/blog/how-to-prioritize-cloud-native-vulnerabilities/),
- Cyber Risk Management 101 ( https://www.youtube.com/watch?v=SzFSQqQNYCM&t=6s ) ,
- Cyber Risk Intelligence (https://youtube.com/watch?v=3qCGMMcOn_o),
- Free Risk Scoring Tool (https://riskscore.info - TBA)
For more info on this session, please visit the session page at the Summit's website