Measure What You Fix: Asset Risk Management Done Right
Transcript

  • 1. Measure What You Fix: Asset Management Is Broken
  • 2. Michael Roytman Data Scientist, Risk I/O
  • 3. It is far better to grasp the universe as it really is than to persist in delusion, however satisfying and reassuring. - Carl Sagan
  • 4. Risk = More Can Happen Than Will.
  • 5. Bad Remediation Metrics: 1. Vulnerability Density 2. CVSS Score Reduction
  • 6. Part 1: Fix What Matters
  • 7. I Love It When You Call Me Big Data 50,000,000 Live Vulnerabilities 1,500,000 Assets 2,000 Organizations
  • 8. I Love It When You Call Me Big Data 3,000,000 Breaches
  • 9. Probability A Vuln Having Property X Has Observed Breaches (bar chart; properties: Random Vuln, CVSS 10, CVSS 9, CVSS 8, CVSS 6, CVSS 7, CVSS 5, CVSS 4, Has Patch; probability axis from 0.000 to 0.040)
  • 10. Probability A Vuln Having Property X Has Observed Breaches (bar chart; properties: Random Vuln, CVSS 10, Exploit DB, Metasploit, MSP+EDB; probability axis from 0.0 to 0.3)
  • 11. Part 2: Measure What You Fix
  • 12. #DoingItWrong
  • 13. Jet Engine x Peanut Butter SHINY!= Current State of Remediation Performance Tracking
  • 14. Where We Want To Be
  • 15. Data: 1. Active Breaches 2. Metasploit Module 3. ExploitDB Entry 4. Popular Target
  • 16. Framework Estimate likelihood of breach event for each vulnerability.
  • 17. Framework An asset is only as safe as the riskiest vulnerability on that asset.
  • 18. Model (diagram: Vuln → Breached In The Wild? → Metasploit Module Exists? → ExploitDB Entry? → Popular Target? → Less Risky; branches labelled Actively Breached, Metasploit, Exploit DB, Popular Target)
  • 19. Model (diagram: the Actively Breached / Metasploit / Exploit DB / Popular Target chain for a Vuln, repeated for further vulns …)
  • 20. Better?
  • 21. Model (diagram: six Vulns, each with the Actively Breached / Metasploit / Exploit DB / Popular Target chain, and one Asset)
  • 22. Model (diagram: six Vulns, each with the Actively Breached / Metasploit / Exploit DB / Popular Target chain, and one Asset)
  • 23. Model (diagram: six Vulns, each with the Actively Breached / Metasploit / Exploit DB / Popular Target chain, and three Assets)
  • 24. Model (diagram: six Vulns, each with the Actively Breached / Metasploit / Exploit DB / Popular Target chain, and three scored Assets: Asset = 5, Asset = 10, Asset = 4.375)
  • 25. Where We’re Going, We Don’t Need Peanut Butter
  • 26. Where We’re Going, We Don’t Need Peanut Butter
  • 27. An Engine Not A Camera
  • 28. risk.io/jobs @mroytman WE HAVE JOBS
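
The framework on slides 16 to 18, set beside the vulnerability-density metric that slide 5 calls bad, as an added example that is not from the talk or from Risk I/O. The likelihood values, vulnerability IDs and asset names are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed likelihoods for the first signal that matches, checked in the order
# of the model slide. Constructed numbers, not figures from the talk.
TIERS = [("actively_breached", 0.30), ("metasploit", 0.15),
         ("exploitdb", 0.08), ("popular_target", 0.03)]
BASELINE = 0.005  # assumed likelihood when no signal is present ("less risky")

@dataclass(frozen=True)
class Vuln:
    vuln_id: str  # constructed placeholder ID
    cvss: float   # carried for reference only; not used in the estimate
    actively_breached: bool = False
    metasploit: bool = False
    exploitdb: bool = False
    popular_target: bool = False

def breach_likelihood(v):
    """Slide 16: estimate likelihood of a breach event for one vulnerability."""
    for attr, p in TIERS:
        if getattr(v, attr):
            return p
    return BASELINE

def asset_risk(vulns):
    """Slide 17: an asset is only as safe as its riskiest vulnerability."""
    return max((breach_likelihood(v) for v in vulns), default=0.0)

def rank_assets(inventory):
    """Asset names, riskiest first, by the max-likelihood score."""
    return sorted(inventory, key=lambda a: asset_risk(inventory[a]), reverse=True)

def rank_by_density(inventory):
    """Asset names ordered by open-vulnerability count (slide 5's bad metric)."""
    return sorted(inventory, key=lambda a: len(inventory[a]), reverse=True)

def remediation_gain(vulns, fixed_ids):
    """Drop in asset risk after closing the given vulnerabilities."""
    remaining = [v for v in vulns if v.vuln_id not in fixed_ids]
    return asset_risk(vulns) - asset_risk(remaining)

# Constructed inventory: many high-CVSS findings with no exploitation signal,
# versus single findings that carry one.
INVENTORY = {
    "file-server": [Vuln(f"VULN-A{i}", 10.0) for i in range(6)],
    "web-frontend": [Vuln("VULN-B1", 5.0, actively_breached=True, exploitdb=True)],
    "build-host": [Vuln("VULN-C1", 7.5, metasploit=True), Vuln("VULN-C2", 4.0)],
}
```

Closing five of the six file-server findings, or VULN-C2 on build-host, lowers the open count but leaves `asset_risk` unchanged, which is the gap between counting fixes and measuring them.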
