As IT ecosystems evolve, so do attackers. Exploitation can happen anywhere across the modern attack surface, from on-premises and cloud infrastructure to web applications. So the scope of your vulnerability risk management (VRM) program can no longer be limited to critical infrastructure.
Web apps have grown in complexity and volume over the past several years, while also becoming the attack vector of choice for threat actors capitalising on emergent technologies. This is a trend that will only persist and evolve, so it’s crucial to extend your testing strategy to practices and languages utilised by your development team. In short: Managing your overall risk must extend to weaknesses in your applications and APIs, not just the structures on which they’re built.
In this webcast, you’ll learn:
- Sandy and James’ thoughts on extending a holistic VRM approach to the application layer
- Best practices and common challenges for a sound VRM strategy
- How James uses both InsightVM and InsightAppSec to secure every layer of the modern environment
- Why it’s so important to have mitigating controls in place for possible exploitation