[APAC] Building a holistic VRM strategy that includes the application layer

Presented by

Sandy Carielli: Principal Analyst, Forrester & James Thompson: Information Security Manager, Hypertherm

About this talk

As IT ecosystems evolve, so do attackers. Exploitation can happen anywhere across the modern attack surface, from on-premises and cloud infrastructure to web applications. So the scope of your vulnerability risk management (VRM) program can no longer be limited to critical infrastructure. Web apps have grown in complexity and volume over the past several years, while also becoming the attack vector of choice for threat actors capitalising on emergent technologies. This is a trend that will only persist and evolve, so it’s crucial to extend your testing strategy to practices and languages utilised by your development team. In short: Managing your overall risk must extend to weaknesses in your applications and APIs, not just the structures on which they’re built. In this webcast, you’ll learn: - Sandy and James’ thoughts on extending a holistic VRM approach to the application layer - Best practices and common challenges for a sound VRM strategy - How James uses both InsightVM and InsightAppSec to secure every layer of the modern environment - Why it’s so important to have mitigating controls in place for possible exploitation
Related topics:

More from this channel

Upcoming talks (25)
On-demand talks (615)
Subscribers (53520)
Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research–using these insights to optimize our products and arm the global security community with the latest in attackers methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what’s next.