Add to my Schedule Holeman Lounge Borderless Cyber Track (BC)
Oct 08, 2019 04:45 PM - 05:15 PM (UTC)
20191008T1645 20191008T1715 UTC BC Track: Is the Damage Already Done? Automating Vulnerability Investigation As evidenced by many of the recent breaches, vulnerability management is a critical process for every enterprise. However, discovering and remediating vulnerabilities alone may not provide the enterpr... Holeman Lounge Borderless Cyber USA / Washington, D.C. / 8-10 October 2019 events@oasis-open.org

As evidenced by many of the recent breaches, vulnerability management is a critical process for every enterprise. However, discovering and remediating vulnerabilities alone may not provide the enterprise with the complete risk picture. Remediation means that the vulnerability can no longer be exploited, but has it already been exploited? 


Scanning schedules, deployment testing and patch window mean that a vulnerability may persist for some time prior to remediation. Â Implementing an automated process of vulnerability investigation through a Security Orchestration, Automation and Response (SOAR) solution can help enterprises quickly find evidence of possible vulnerability exploitation and ongoing risk. 


This talk will outline the gaps in our existing vulnerability management methodologies and how these gaps can lead to unknown risk in the organization. We will then discuss how a SOAR solution can be used to identify any potential risk to the organization for automated or manual mitigation. We will conclude with a use case, showing how this can be achieved in practice.


Key take-aways:

  • Gaps present in our current vulnerability management methodologies
  • How SOAR can help address these gaps and minimize risk