Vulnerability Risk Management is certainly one of the most critical security processes in any company. Attacks on applications and systems can be divided into two categories: exploiting one or more vulnerabilities, or exploiting a human, typically by social engineering. Most sophisticated attacks use a combination of the two. To defend against the former, organisations have developed processes to detect, analyse and remediate vulnerabilities. The key question any organisation should be asking when planning DevSecOps, in the scope of vulnerability management, is whether any of their existing processes need to change, and by how much. The talk will explain a best-practice process built in a traditional organisation and then dissect individual areas in view of DevSecOps. Prepare to challenge and be challenged while discussing this boring yet critical subject.