Vulnerability Management - Why Programs Fail and What You Can Do About It

Presented by

Brian Carey, Manager, Security Consulting, Rapid7

About this talk

Vulnerability Management should be at the core of every Information Security program (it’s CIS Control #3) and yet it is often one of the most misunderstood elements. Requiring strong leadership and many foundational elements to be successful, programs often topple because the legs of the table we have built are not sturdy to hold the weight of our scanning tools, and the data these tools produce. Join Rapid7’s Brian Carey for a discussion on some of the more common reasons Vulnerability Management programs fail, and more importantly what we can all do to ensure that doesn’t happen. Some of the topics we’ll cover include: 1. The leadership void - setting goals and expectations from the top. 2. Roles & Responsibilities 3. Asset Management 4. Classification & Prioritization 5. Remediation 6. Reporting to your Executive Teams & Board

Related topics:

More from this channel

Upcoming talks (8)
On-demand talks (438)
Subscribers (37473)
Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research–using these insights to optimize our products and arm the global security community with the latest in attackers methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what’s next.