Best Practices and ROI for Risk-based Vulnerability Management
October 2017
Nevra Ledwon
Account Director
nledwon@riskvisioninc.com
Steve Finegan
Product Manager
sfinegan@riskvisioninc.com
Introductions

Agenda
- Vulnerability Management Challenges
- Best Practices in Successful Programs
- About Resolver and RiskVision TVM
- Return on Investment – Case Study
- Solution Approaches, Benefits & Strategies
Challenge 1: Vulnerability Metrics
What does this chart tell you?
- Are these vulnerability metrics accurate?
- Are they the right metrics?
- Do they tell the full story?
Challenge 2: Which Vulnerability Should We Remediate First?
- A CVSS 5 vulnerability (e.g., a SQLi) that is internet-facing from your DMZ and is now actively being exploited in the wild
- A DB2 vulnerability on an RS/6000 with CVSS 10, on an internal host with segmentation and other controls applied, that has not yet been exploited in the wild
Gartner Whitepaper
QUIZ TIME

The number of new vulnerabilities for which there exists a known exploit in the wild has:
- Grown
- Stayed flat
- Shrunk

Over the past 10 years, what percentage of the known vulnerabilities have ever been exploited in the wild?
- 12%
- 18%
- 23%
- 30%

Which severity of vulnerabilities is most often exploited in the wild?
- Critical
- High
- Medium
- Low
Challenge 3: Manual Administration & Shepherding Process

Challenge 4: Governance & Accountability

Challenges Summary
- Debate Over Vulnerability Metrics
- How to Prioritize Remediation Activities
- Too Much Manual/Administrative Work
- No Clear Governance, Accountability or Audit Trail
Attendee Poll
Which of the following challenges do you face in your organization? (more than one selection is ok)
- Debate Over Vulnerability Metrics
- How to Prioritize Remediation Activities
- Too Much Manual/Administrative Work
- No Clear Governance, Accountability or Audit Trail
- None or N/A
Recommendations & Strategies

It’s All About Governance!!!
SANS components of an effective TVM governance process:
- Appropriate program sponsorship for the vulnerability management program
- Key stakeholder identification, representation and participation in the program
- Documented security policies, practices, and standards
- Documented roles and responsibilities
- Documented communication and escalation plans
- Asset identification (in-scope assets)
Source: https://www.sans.org/reading-room/whitepapers/projectmanagement/building-vulnerability-management-program-project-management-approach-35932
Strategies for Making TVM Governance Easier
1. Classify your Assets
2. Enrich your Data
3. Calculate a Risk Score
4. Service Level Assignment
5. Automate
Step 1: Classify Your Assets (Systems/Apps)
(Diagram: example classification tags attached to an asset: PII, PCI, External Facing, Internal Facing, High Integrity, High Availability, Has Apache, Port 8080 Open, On DMZ, Europe)
(Screenshots: Classification Assessment Questionnaire; Admin Setting Asset Classification)
Step 2: Enrich Your Data – Marry Vulns w/ Threat & Exploit Data
(Diagram: of All Disclosed Vulnerabilities, only a subset are Exploited Vulnerabilities, i.e. the exploits threats are focusing on; intersecting that subset with the Vulnerabilities In Your Environment yields the Key Vulnerabilities to be Worried About)
RiskVision leverages over 70 industry-leading applications, plus identity, security and IT technology
Step 3: Calculate a Risk Score
What goes into a Risk Score?
(Diagram: the Risk Score combines CMDB asset factors, etc.; the CVSS Score plus other NVD data; and threat data and exploit data)
Step 3: Calculate a Risk Score
Risk = Vulnerability Risk Factor (VRF) * Asset Criticality Factor (ACF)
VRF (Likelihood):
- CVSS Score, or
- Enhanced Vulnerability Score, e.g. threat factor, # days open
ACF (Impact):
- H=10, M=7, L=3, or
- Other numbers, or
- Add additional custom attributes, e.g. internal vs external-facing, PCI-related
Step 3: Calculate a Risk Score – In RiskVision TVM
Enhanced Vulnerability Score Factors:
- Confidentiality Impact Vector: None = 0, Partial = 1, Complete = 2
- Integrity Impact Vector: None = 0, Partial = 1, Complete = 2
- Availability Impact Vector: None = 0, Partial = 1, Complete = 2
- Access Complexity: Low = 1, Med = 3, High = 5
- Access Vector: Local = 1, Adjacent Network = 3, Network = 5
- Authentication Vector: Multiple = 1, Single = 3, None = 5
- # Days Vuln was Open: difference between current date and CVE vulnerability publish date
- Exploit Factor: local = .6, remote = 1, shellcode = .6, webapps = 1, dos = .5; no matching exploit = 0.25. If more than one exploit maps to a vulnerability, the highest Exploit Factor is used.
Step 3: Calculate a Risk Score – Risk Aggregation
(Diagram: risk rolls up from vulnerability and patch findings on applications and servers, through the DBMS server and servers of BU 1, BU 2 and BU 3, to the Enterprise; vulnerability data is sourced from NVD, e.g. CVE-2017-5638, CVE-2017-4187, CVE-2017-5632, CVE-….)
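The following is an added worked example, not RiskVision's code, that strings Steps 1 to 3 together on the two cases from the Challenge 2 slide: Step 1 maps classification tags to an ACF level, Step 3 builds a VRF from the Enhanced Vulnerability Score factors listed above and multiplies it by the ACF, and the aggregation rolls the result up from vulnerability to asset, business unit and enterprise. The factor tables, the exploit-factor rule and Risk = VRF * ACF are taken from the slides; everything else is an assumption made for the example: how the six vector factors combine into one number (summed and scaled to 0-10), the "days open" multiplier (linear from 1.0 to 2.0, capped at one year), the tag-to-ACF mapping in classify_asset, the sum as the roll-up operator, and all sample asset names, dates and vulnerability ids, which are constructed.

```python
"""Added example: Risk = VRF * ACF with the slide's Enhanced Vulnerability Score
factors, plus roll-up to asset, business unit and enterprise. The way the factors
combine into one VRF is NOT on the slides; that part is an assumption."""
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import date

# Factor tables exactly as listed on the "Enhanced Vulnerability Score Factors" slide.
IMPACT = {"none": 0, "partial": 1, "complete": 2}          # C, I and A impact vectors
ACCESS_COMPLEXITY = {"low": 1, "medium": 3, "high": 5}
ACCESS_VECTOR = {"local": 1, "adjacent": 3, "network": 5}
AUTHENTICATION = {"multiple": 1, "single": 3, "none": 5}
EXPLOIT_FACTOR = {"local": 0.6, "remote": 1.0, "shellcode": 0.6, "webapps": 1.0, "dos": 0.5}
NO_EXPLOIT_FACTOR = 0.25
ACF = {"high": 10, "medium": 7, "low": 3}                   # slide defaults H=10, M=7, L=3

MAX_BASE = 3 * 2 + 5 + 5 + 5    # largest possible sum of the six vector factors (21)
AGE_CAP_DAYS = 365              # assumption: age stops adding weight after one year


@dataclass
class Vuln:
    """One vulnerability instance on one asset (field names are this example's own)."""
    vuln_id: str
    asset: str
    business_unit: str
    conf: str
    integ: str
    avail: str
    access_complexity: str
    access_vector: str
    authentication: str
    published: date                               # CVE publish date, for "# days open"
    exploits: list = field(default_factory=list)  # exploit classes mapped to this vuln
    acf_level: str = "medium"                     # result of Step 1 (asset classification)


def classify_asset(tags):
    """Step 1. Assumed mapping (not on the slides): external-facing, DMZ, PCI or PII
    assets are 'high'; high-integrity/high-availability assets 'medium'; else 'low'."""
    tags = {t.lower() for t in tags}
    if tags & {"external facing", "on dmz", "pci", "pii"}:
        return "high"
    if tags & {"high integrity", "high availability"}:
        return "medium"
    return "low"


def exploit_factor(exploits):
    """Slide rule: highest factor among mapped exploits; 0.25 when none maps."""
    return max((EXPLOIT_FACTOR[e] for e in exploits), default=NO_EXPLOIT_FACTOR)


def days_open(v, as_of):
    """Slide rule: difference between the current date and the CVE publish date."""
    return max((as_of - v.published).days, 0)


def enhanced_score(v, as_of):
    """VRF (likelihood). Assumed combination: sum the six vector factors, scale to 0-10,
    multiply by the exploit factor and by an age multiplier from 1.0 (new) to 2.0 (1 year+)."""
    base = (IMPACT[v.conf] + IMPACT[v.integ] + IMPACT[v.avail]
            + ACCESS_COMPLEXITY[v.access_complexity]
            + ACCESS_VECTOR[v.access_vector] + AUTHENTICATION[v.authentication])
    age = 1.0 + min(days_open(v, as_of), AGE_CAP_DAYS) / AGE_CAP_DAYS
    return 10.0 * base / MAX_BASE * exploit_factor(v.exploits) * age


def risk_score(v, as_of):
    """Slide formula: Risk = VRF * ACF."""
    return round(enhanced_score(v, as_of) * ACF[v.acf_level], 2)


def prioritize(vulns, as_of):
    """Remediation order, highest risk first (the Step 3 output Step 4 assigns SLAs to)."""
    return sorted(vulns, key=lambda v: risk_score(v, as_of), reverse=True)


def aggregate(vulns, as_of):
    """Risk aggregation: vulnerability -> asset -> business unit -> enterprise.
    Assumption: plain sum (the slide shows the hierarchy, not the operator)."""
    by_asset, by_bu = defaultdict(float), defaultdict(float)
    for v in vulns:
        r = risk_score(v, as_of)
        by_asset[v.asset] += r
        by_bu[v.business_unit] += r
    return {"asset": {k: round(x, 2) for k, x in by_asset.items()},
            "business_unit": {k: round(x, 2) for k, x in by_bu.items()},
            "enterprise": round(sum(by_bu.values()), 2)}


# Constructed sample data modelled on the Challenge 2 slide (ids, hosts, dates made up).
AS_OF = date(2017, 10, 1)
SQLI_DMZ = Vuln("VULN-EXAMPLE-1", "web-dmz-01", "Online Services",
                "partial", "partial", "partial", "low", "network", "none",
                published=date(2017, 9, 1), exploits=["webapps"],
                acf_level=classify_asset(["External Facing", "On DMZ"]))
DB2_INTERNAL = Vuln("VULN-EXAMPLE-2", "db2-rs6000-01", "Core Banking",
                    "complete", "complete", "complete", "low", "network", "none",
                    published=date(2017, 3, 15), exploits=[],
                    acf_level=classify_asset(["Internal Facing", "High Integrity"]))
DB2_DOS = Vuln("VULN-EXAMPLE-3", "db2-rs6000-01", "Core Banking",
               "none", "none", "complete", "low", "network", "single",
               published=date(2017, 8, 2), exploits=["dos"],
               acf_level=classify_asset(["Internal Facing", "High Integrity"]))
SAMPLE = [SQLI_DMZ, DB2_INTERNAL, DB2_DOS]

if __name__ == "__main__":
    for v in prioritize(SAMPLE, AS_OF):
        print(f"{v.vuln_id:15} {v.asset:14} VRF={enhanced_score(v, AS_OF):5.2f} "
              f"ACF={ACF[v.acf_level]:2} risk={risk_score(v, AS_OF):6.2f}")
    print(aggregate(SAMPLE, AS_OF))
```

Run as written, the actively exploited, internet-facing SQLi (VRF about 7.2 on a high-criticality asset, risk about 72) sorts above the CVSS 10 DB2 finding (exploit factor 0.25 on a medium-criticality segmented host, risk about 22), which is the ordering the Challenge 2 slide argues for; the aggregation then shows the DB2 host still carrying less total risk than the web host even with a second, DoS-only finding added.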
Step 4: Service Level Assignment & Ticketing
(Screenshots: Exception Process; Exception Report)
Step 5: Automate Where Possible
- De-Duping
- Vuln/Patch Prioritization
- Ticket Generation
- Re-Scans
Attendee Poll
Which of the following tasks have you already automated? (more than one selection is ok)
- Consolidation of Threat & Vulnerability Data
- Vuln/Patch prioritization
- Ticket generation
- Report generation
- Workflow processes (e.g. exception handling process)
- Patch validation/re-scan
Threat & Vuln Management: Key Capabilities
(Diagram: seven capabilities, numbered 1–7 in the figure: Data Collection, Data Correlation, Risk-Based Vulnerability Prioritization, Workflow Orchestration, Remediation Ticket Management, Remediation Validation, Dashboards/Reporting)
(Screenshots: Workflow Management; Auto Re-Scan; Show Audit Trail/Exception)
Step 6: Reports that are Useful/Relevant/Tell the Whole Story
- Report: Vulnerabilities Sorted by Risk Score
- Vulnerable Asset Groups
- System Drill Down
- Vulnerability Heat Map
Return on Investment – Case Study
Research Participant Spotlight
- ~50,000 assets, 18% “high risk”, ~1M Vulnerability Instances
- Management: ~20 FTEs, across various functions. Team breakdown and all-in costs (salary, benefits, overhead): ~$2.9m per year
  - Two (2) security managers ($195,200 each)
  - Twelve (12) security analysts ($152,500 each)
  - Six (6) IT remediation engineers ($122,000 each)
- Core tasks performed by the teams include creating trend reports, assessing & mitigating high risk vulnerabilities, and triaging monthly cyber-events
- RiskVision All In Subscription and Services Fees are $374,545 in Year 1 and $124,900 thereafter
Building the Case for Automation Investment

Strategies Summary
1. Classify your Assets
2. Enrich your Data
3. Calculate a Risk Score
4. Service Level Assignment
5. Automate
About RiskVision

Introducing RiskVision
- Enterprise Risk Intelligence Software
- 35+ solution, technology and content partners
- Highly Rated by Gartner (IRMS & SOAR), Blue Hill, SANS, ESG, Aite, Ovum, and IDC

Introducing Resolver
- 1,000+ Customers
- Offices Around the Globe
RiskVision Solution Landscape
(Diagram axes: SOAR / IRMS; Scalability)

CORE SOLUTIONS | CUSTOMERS | USAGE
Threat & Vulnerability Mitigation | 50% of RiskVision Customers | 2m+ Assets; 50m+ Vulnerabilities Scored for Risk
Incident / Issue Risk Response | 39% of RiskVision Customers | 750k+ Assets; 100k+ Incidents Scored for Risk
Technology (IT) Risk & Compliance | 78% of RiskVision Customers | 50k+ Assessments; 200m+ Daily Control Checks
Third Party (TP) Risk & Compliance | 39% of RiskVision Customers | 10k+ Practitioners; 250k+ Third Parties Assessed

Incident / Issue Risk Response: Coordinates classification, collaboration, evidence, policies, audit trail and reporting across the extra-prise for all operational and security risk events.
Third Party (TP) Risk & Compliance: Classifies third parties by risk level, and drives parallel workflows for diligence and security scoring, on-boarding, continuous monitoring and off-boarding.
Technology (IT) Risk & Compliance: Manages technology policies, maps policies to controls, and assesses multi-regulatory risk using an efficient Common Control Framework (CCF) to report for internal audit.
Threat & Vulnerability Mitigation: Automated continuous risk correlation, prioritization, and remediation of asset and operations criticality, threat reachability, control, and vulnerabilities.
Questions and Answers
Nevra Ledwon, Account Director
Office: +1.408.200.0435
Mobile: +1.703.351.8041

Leveraging Change Leadership to Find Success in your IRM Program
 

Recently uploaded

Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
my Pandit
 
Industrial Tech SW: Category Renewal and Creation
Industrial Tech SW:  Category Renewal and CreationIndustrial Tech SW:  Category Renewal and Creation
Industrial Tech SW: Category Renewal and Creation
Christian Dahlen
 
Structural Design Process: Step-by-Step Guide for Buildings
Structural Design Process: Step-by-Step Guide for BuildingsStructural Design Process: Step-by-Step Guide for Buildings
Structural Design Process: Step-by-Step Guide for Buildings
Chandresh Chudasama
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
Adam Smith
 
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
taqyea
 
Creative Web Design Company in Singapore
Creative Web Design Company in SingaporeCreative Web Design Company in Singapore
Creative Web Design Company in Singapore
techboxsqauremedia
 
Mastering B2B Payments Webinar from BlueSnap
Mastering B2B Payments Webinar from BlueSnapMastering B2B Payments Webinar from BlueSnap
Mastering B2B Payments Webinar from BlueSnap
Norma Mushkat Gaffin
 
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
AnnySerafinaLove
 
Business storytelling: key ingredients to a story
Business storytelling: key ingredients to a storyBusiness storytelling: key ingredients to a story
Business storytelling: key ingredients to a story
Alexandra Fulford
 
The Evolution and Impact of OTT Platforms: A Deep Dive into the Future of Ent...
The Evolution and Impact of OTT Platforms: A Deep Dive into the Future of Ent...The Evolution and Impact of OTT Platforms: A Deep Dive into the Future of Ent...
The Evolution and Impact of OTT Platforms: A Deep Dive into the Future of Ent...
ABHILASH DUTTA
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
jeffkluth1
 
ikea_woodgreen_petscharity_dog-alogue_digital.pdf
ikea_woodgreen_petscharity_dog-alogue_digital.pdfikea_woodgreen_petscharity_dog-alogue_digital.pdf
ikea_woodgreen_petscharity_dog-alogue_digital.pdf
agatadrynko
 
Chapter 7 Final business management sciences .ppt
Chapter 7 Final business management sciences .pptChapter 7 Final business management sciences .ppt
Chapter 7 Final business management sciences .ppt
ssuser567e2d
 
Authentically Social Presented by Corey Perlman
Authentically Social Presented by Corey PerlmanAuthentically Social Presented by Corey Perlman
Authentically Social Presented by Corey Perlman
Corey Perlman, Social Media Speaker and Consultant
 
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
SOFTTECHHUB
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
Adam Smith
 
2024-6-01-IMPACTSilver-Corp-Presentation.pdf
2024-6-01-IMPACTSilver-Corp-Presentation.pdf2024-6-01-IMPACTSilver-Corp-Presentation.pdf
2024-6-01-IMPACTSilver-Corp-Presentation.pdf
hartfordclub1
 
Best practices for project execution and delivery
Best practices for project execution and deliveryBest practices for project execution and delivery
Best practices for project execution and delivery
CLIVE MINCHIN
 
Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024
Kirill Klimov
 
-- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month ---- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month --
NZSG
 

Recently uploaded (20)

Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
 
Industrial Tech SW: Category Renewal and Creation
Industrial Tech SW:  Category Renewal and CreationIndustrial Tech SW:  Category Renewal and Creation
Industrial Tech SW: Category Renewal and Creation
 
Structural Design Process: Step-by-Step Guide for Buildings
Structural Design Process: Step-by-Step Guide for BuildingsStructural Design Process: Step-by-Step Guide for Buildings
Structural Design Process: Step-by-Step Guide for Buildings
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
 
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
 
Creative Web Design Company in Singapore
Creative Web Design Company in SingaporeCreative Web Design Company in Singapore
Creative Web Design Company in Singapore
 
Mastering B2B Payments Webinar from BlueSnap
Mastering B2B Payments Webinar from BlueSnapMastering B2B Payments Webinar from BlueSnap
Mastering B2B Payments Webinar from BlueSnap
 
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
 
Business storytelling: key ingredients to a story
Business storytelling: key ingredients to a storyBusiness storytelling: key ingredients to a story
Business storytelling: key ingredients to a story
 
The Evolution and Impact of OTT Platforms: A Deep Dive into the Future of Ent...
The Evolution and Impact of OTT Platforms: A Deep Dive into the Future of Ent...The Evolution and Impact of OTT Platforms: A Deep Dive into the Future of Ent...
The Evolution and Impact of OTT Platforms: A Deep Dive into the Future of Ent...
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
 
ikea_woodgreen_petscharity_dog-alogue_digital.pdf
ikea_woodgreen_petscharity_dog-alogue_digital.pdfikea_woodgreen_petscharity_dog-alogue_digital.pdf
ikea_woodgreen_petscharity_dog-alogue_digital.pdf
 
Chapter 7 Final business management sciences .ppt
Chapter 7 Final business management sciences .pptChapter 7 Final business management sciences .ppt
Chapter 7 Final business management sciences .ppt
 
Authentically Social Presented by Corey Perlman
Authentically Social Presented by Corey PerlmanAuthentically Social Presented by Corey Perlman
Authentically Social Presented by Corey Perlman
 
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
 
2024-6-01-IMPACTSilver-Corp-Presentation.pdf
2024-6-01-IMPACTSilver-Corp-Presentation.pdf2024-6-01-IMPACTSilver-Corp-Presentation.pdf
2024-6-01-IMPACTSilver-Corp-Presentation.pdf
 
Best practices for project execution and delivery
Best practices for project execution and deliveryBest practices for project execution and delivery
Best practices for project execution and delivery
 
Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024
 
-- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month ---- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month --
 

Best Practices and ROI for Risk-based Vulnerability Management

  • 1. Best Practices and ROI for Risk-based Vulnerability Management, October 2017
  • 2. Introductions: Nevra Ledwon, Account Director (nledwon@riskvisioninc.com); Steve Finegan, Product Manager (sfinegan@riskvisioninc.com)
  • 3. Agenda: Vulnerability Management Challenges; Best Practices in Successful Programs; About Resolver and RiskVision TVM; Return on Investment – Case Study; Solution Approaches, Benefits & Strategies
  • 4. Challenge 1: Vulnerability Metrics. What does this chart tell you?
  • 5. Challenge 1: Vulnerability Metrics. What does this chart tell you?
  • 6. Challenge 1: Vulnerability Metrics
    - Are these vulnerability metrics accurate?
    - Are they the right metrics?
    - Do they tell the full story?
  • 7. Challenge 2: Which Vulnerability Should We Remediate First? Option A: a CVSS 5 vulnerability (e.g., a SQLi) on an internet-facing host in your DMZ that is now actively being exploited in the wild. Option B: a CVSS 10 DB2 vulnerability on an RS/6000 on an internal host, with segmentation and other controls applied, that has not yet been exploited in the wild.
  • 10-11. Quiz: The number of new vulnerabilities for which there exists a known exploit in the wild has: Grown / Stayed flat / Shrunk
  • 12-13. Quiz: Over the past 10 years, what percentage of the known vulnerabilities have ever been exploited in the wild? 12% / 18% / 23% / 30%
  • 14-15. Quiz: Which severity of vulnerabilities is most often exploited in the wild? Critical / High / Medium / Low
  • 16. Challenge 2 (revisited): Which Vulnerability Should We Remediate First? Option A: a CVSS 5 vulnerability (e.g., a SQLi) on an internet-facing host in your DMZ that is now actively being exploited in the wild. Option B: a CVSS 10 DB2 vulnerability on an RS/6000 on an internal host, with segmentation and other controls applied, that has not yet been exploited in the wild.
  • 17. Challenge 3: Manual Administration & Shepherding Process
  • 18. Challenge 4: Governance & Accountability
  • 19. Challenges Summary: Debate Over Vulnerability Metrics; How to Prioritize Remediation Activities; Too Much Manual/Administrative Work; No Clear Governance, Accountability or Audit Trail
  • 20. Attendee Poll: Which of the following challenges do you face in your organization? (more than one selection is ok)
    - Debate Over Vulnerability Metrics
    - How to Prioritize Remediation Activities
    - Too Much Manual/Administrative Work
    - No Clear Governance, Accountability or Audit Trail
    - None or N/A
  • 22. It’s All About Governance!!! SANS components of an effective TVM governance process:
    - Appropriate program sponsorship for the vulnerability management program
    - Key stakeholder identification, representation and participation in the program
    - Documented security policies, practices, and standards
    - Documented roles and responsibilities
    - Documented communication and escalation plans
    - Asset identification (in-scope assets)
    Source: https://www.sans.org/reading-room/whitepapers/projectmanagement/building-vulnerability-management-program-project-management-approach-35932
  • 23. Strategies for Making TVM Governance Easier: 1. Classify your Assets; 2. Enrich your Data; 3. Calculate a Risk Score; 4. Service Level Assignment; 5. Automate
  • 24. Step 1: Classify your Assets (Systems/Apps). Example classification attributes: PII; PCI; External Facing; Internal Facing; High Integrity; High Availability; Has Apache; Port 8080 Open; On DMZ; Europe
  • 25. Step 1: Classify Your Assets (Systems/Apps) (Classification Assessment Questionnaire; Admin Setting; Asset Classification)
  • 26. Step 1: Classify Your Assets (Systems/Apps)
  • 27. Step 2: Enrich Your Data – Marry Vulns w/ Threat & Exploit Data. Overlapping sets: All Disclosed Vulnerabilities; Vulnerabilities In Your Environment; Exploited Vulnerabilities (Exploits Threats Are Focusing On). Their intersection is the Key Vulnerabilities to be Worried About.
  • 28. Step 2: Enrich Your Data – Marry Vulns w/ Threat & Exploit Data. RiskVision leverages data from over 70 industry-leading applications, plus identity, security and IT technologies.
  • 29. Step 3: Calculate a Risk Score
  • 31. Step 3: Calculate a Risk Score. Risk = Vulnerability Risk Factor (VRF) * Asset Criticality Factor (ACF)
    - VRF (Likelihood): CVSS Score, or Enhanced Vulnerability Score (e.g. threat factor, # days open)
    - ACF (Impact): H=10, M=7, L=3, or other numbers, or add additional custom attributes (e.g. internal vs external-facing, PCI-related)
  • 32. Step 3: Calculate a Risk Score – In RiskVision TVM. Enhanced Vulnerability Score factors:
    - Confidentiality Impact Vector: None = 0, Partial = 1, Complete = 2
    - Integrity Impact Vector: None = 0, Partial = 1, Complete = 2
    - Availability Impact Vector: None = 0, Partial = 1, Complete = 2
    - Access Complexity: Low = 1, Med = 3, High = 5
    - Access Vector: Local = 1, Adjacent Network = 3, Network = 5
    - Authentication Vector: Multiple = 1, Single = 3, None = 5
    - # Days Vuln was Open: difference between the current date and the CVE vulnerability publish date
    - Exploit Factor: local = 0.6, remote = 1, shellcode = 0.6, webapps = 1, dos = 0.5; no matching exploit = 0.25. If more than one exploit maps to a vulnerability, the highest Exploit Factor is used.
  • 33. Step 3: Calculate a Risk Score – Risk Aggregation. Diagram: Enterprise → BU 1, BU 2, BU 3 → servers and DBMS → apps, vulnerabilities and patches, with vulnerabilities mapped to NVD CVEs (CVE-2017-5638, CVE-2017-4187, CVE-2017-5632, CVE-…, CVE-…)
  • 34. Step 3: Calculate a Risk Score – Risk Aggregation
  • 35. Step 4: Service Level Assignment & Ticketing
  • 36. Step 4: Service Level Assignment & Ticketing – Exception Process
  • 37. Step 4: Service Level Assignment & Ticketing – Exception Report
  • 38. Step 5: Automate Where Possible: De-Duping; Vuln/Patch Prioritization; Ticket Generation; Re-Scans
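The five steps above give the factor weights but never spell out how they combine, so here is an added worked example, written for this page and not RiskVision's own code, that carries a small constructed inventory through the whole procedure: CVSS v2 vector parsing, the slide's Enhanced Vulnerability Score factors and exploit-factor rule, ACF from asset classification, Risk = VRF * ACF, an assumed SLA banding with ticket-or-not decisions, and the enterprise → BU → asset roll-up from the aggregation slide. Everything not printed on the slides is an assumption and is marked as such in the code: the averaging-and-scaling combination of the factors, the +1 ACF bonus per custom tag, the SLA thresholds, and the sample assets and findings (modelled on the Challenge 2 comparison). Two caveats for anyone adopting the slide's numbers: the Access Complexity weighting (Low = 1, High = 5) runs opposite to the direction of the Access Vector and Authentication weightings, where the easier-to-exploit value scores highest, so confirm that mapping against your own scanner feed before using it; and the deck's DB2 scenario leans on segmentation and compensating controls, which this example does not model.

```python
"""Added example: risk-based prioritization with the deck's VRF x ACF model.
Weights are the slide's; their combination, the ACF tag bonus, the SLA bands and the sample data are assumptions."""
from __future__ import annotations
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import date

# Weights as printed on the "Enhanced Vulnerability Score Factors" slide.
IMPACT = {"N": 0, "P": 1, "C": 2}             # C/I/A: None, Partial, Complete
ACCESS_VECTOR = {"L": 1, "A": 3, "N": 5}      # Local, Adjacent Network, Network
ACCESS_COMPLEXITY = {"L": 1, "M": 3, "H": 5}  # Low, Med, High (as printed; see caveat)
AUTHENTICATION = {"M": 1, "S": 3, "N": 5}     # Multiple, Single, None
EXPLOIT_FACTOR = {"local": 0.6, "remote": 1.0, "shellcode": 0.6, "webapps": 1.0, "dos": 0.5}
NO_EXPLOIT_FACTOR = 0.25                      # no matching exploit
ACF_BASE = {"H": 10, "M": 7, "L": 3}          # asset criticality, per the slide
ACF_CUSTOM_TAGS = {"external-facing", "PCI", "PII"}   # assumed: +1 each, capped at 10
SLA_BANDS = ((70, 7), (40, 30), (15, 90))     # assumed: (minimum risk, days to remediate)

@dataclass
class Asset:
    name: str
    business_unit: str
    classification: str                       # "H", "M" or "L"
    tags: set[str] = field(default_factory=set)

@dataclass
class Finding:
    finding_id: str
    asset: Asset
    cvss2_vector: str                         # e.g. "AV:N/AC:L/Au:N/C:P/I:N/A:N"
    published: date                           # CVE publish date (NVD)
    exploit_types: list[str] = field(default_factory=list)

def parse_cvss2_vector(vector: str) -> dict[str, str]:
    """'AV:N/AC:L/Au:N/C:P/I:P/A:P' -> {'AV': 'N', ...}; rejects incomplete vectors."""
    metrics = dict(item.split(":", 1) for item in vector.split("/"))
    missing = {"AV", "AC", "Au", "C", "I", "A"} - metrics.keys()
    if missing:
        raise ValueError(f"CVSS v2 vector lacks {sorted(missing)}")
    return metrics

def exploit_factor(exploit_types: list[str]) -> float:
    """Slide rule: highest factor among mapped exploits, 0.25 when none match."""
    known = [EXPLOIT_FACTOR[t] for t in exploit_types if t in EXPLOIT_FACTOR]
    return max(known) if known else NO_EXPLOIT_FACTOR

def vulnerability_risk_factor(f: Finding, today: date) -> float:
    """VRF (likelihood), 0-10.  Assumed combination: impact and exploitability
    points normalised to 0..1 and averaged, times the exploit factor, times an
    age boost of up to +25% as days-open (today minus publish date) reaches a year."""
    v = parse_cvss2_vector(f.cvss2_vector)
    impact = (IMPACT[v["C"]] + IMPACT[v["I"]] + IMPACT[v["A"]]) / 6
    exploitability = (ACCESS_VECTOR[v["AV"]] + ACCESS_COMPLEXITY[v["AC"]] + AUTHENTICATION[v["Au"]]) / 15
    age_boost = 1 + 0.25 * min(max((today - f.published).days, 0), 365) / 365
    return min(10 * (impact + exploitability) / 2 * exploit_factor(f.exploit_types) * age_boost, 10.0)

def asset_criticality_factor(asset: Asset) -> int:
    """ACF (impact): H/M/L base from the slide plus the assumed custom-tag bonus."""
    return min(ACF_BASE[asset.classification] + len(asset.tags & ACF_CUSTOM_TAGS), 10)

def sla_days(risk: float) -> int | None:
    """Assumed service level; None = normal patch cycle, no ticket raised."""
    return next((days for floor, days in SLA_BANDS if risk >= floor), None)

def score_finding(f: Finding, today: date) -> dict:
    vrf, acf = vulnerability_risk_factor(f, today), asset_criticality_factor(f.asset)
    risk = vrf * acf                          # Risk = VRF * ACF, per the slide
    return {"id": f.finding_id, "asset": f.asset.name, "bu": f.asset.business_unit,
            "vrf": vrf, "acf": acf, "risk": risk, "sla_days": sla_days(risk)}

def prioritize(findings: list[Finding], today: date) -> list[dict]:
    """Remediation queue ordered by risk, not by raw CVSS."""
    return sorted((score_finding(f, today) for f in findings), key=lambda s: s["risk"], reverse=True)

def roll_up(scored: list[dict]) -> dict[str, dict]:
    """Aggregate enterprise -> business unit -> asset, as on the aggregation slide.
    Assumption: an asset carries its worst finding and a BU its worst asset."""
    by_bu: dict[str, dict[str, float]] = defaultdict(dict)
    for s in scored:
        by_bu[s["bu"]][s["asset"]] = max(by_bu[s["bu"]].get(s["asset"], 0.0), s["risk"])
    return {bu: {"risk": max(a.values()), "assets": a} for bu, a in by_bu.items()}

# Constructed sample data mirroring the deck's "Challenge 2" comparison (not real findings).
TODAY = date(2017, 10, 1)
DMZ_WEB = Asset("dmz-web-01", "Retail", "M", {"external-facing", "PCI"})
DB2_HOST = Asset("db2-rs6000-01", "Finance", "H", {"PII"})       # internal, segmented
HR_PORTAL = Asset("hr-portal-01", "Corporate", "L", {"PII"})
SAMPLE_FINDINGS = [
    # CVSS v2 5.0 SQLi on the DMZ, actively exploited (a webapps exploit is mapped).
    Finding("sqli-dmz-web", DMZ_WEB, "AV:N/AC:L/Au:N/C:P/I:N/A:N", date(2016, 10, 1), ["webapps"]),
    # CVSS v2 10.0 DB2 flaw on an internal host, no public exploit yet.
    Finding("db2-internal", DB2_HOST, "AV:N/AC:L/Au:N/C:C/I:C/A:C", date(2017, 7, 20)),
    # Fresh, exploited XSS on a low-criticality portal.
    Finding("hr-portal-xss", HR_PORTAL, "AV:N/AC:M/Au:N/C:N/I:P/A:N", date(2017, 10, 1), ["webapps"]),
]

if __name__ == "__main__":
    for s in prioritize(SAMPLE_FINDINGS, TODAY):
        print(f"{s['id']:<14} VRF={s['vrf']:.2f} ACF={s['acf']:>2} risk={s['risk']:.2f} SLA={s['sla_days']}")
    print({bu: round(r["risk"], 2) for bu, r in roll_up(prioritize(SAMPLE_FINDINGS, TODAY)).items()})
```

Run as a script to see the queue: the CVSS 5 SQLi on the PCI-tagged DMZ host (VRF 5.63 * ACF 9 ≈ 50.6, 30-day SLA) lands ahead of the CVSS 10 DB2 flaw on the segmented internal host (VRF 2.28 * ACF 10 ≈ 22.8, 90-day SLA), which is the ordering the Challenge 2 slide argues for. Swap in your scanner's vector strings, publish dates and exploit mappings for the constructed data, and treat the SLA bands and the ACF bonus as knobs to tune with the stakeholders named on the governance slide.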
  • 39. Attendee Poll: Which of the following tasks have you already automated? (more than one selection is ok)
    - Consolidation of Threat & Vulnerability Data
    - Vuln/Patch prioritization
    - Ticket generation
    - Report generation
    - Workflow processes (e.g. exception handling process)
    - Patch validation/re-scan
  • 40. Threat & Vuln Management: Key Capabilities (cycle): 1. Data Collection; 2. Data Correlation; 3. Risk-Based Vulnerability Prioritization; 4. Workflow Orchestration; 5. Remediation Ticket Management; 6. Remediation Validation; 7. Dashboards/Reporting
  • 44. Step 6: Reports that are Useful/Relevant/Tell Whole Story
  • 51. Research Participant Spotlight
    - ~50,000 assets, 18% “high risk”, ~1M vulnerability instances
    - Management: ~20 FTEs across various functions; team breakdown and all-in costs (salary, benefits, overhead) ~$2.9m per year:
      - Two (2) security managers ($195,200 each)
      - Twelve (12) security analysts ($152,500 each)
      - Six (6) IT remediation engineers ($122,000 each)
    - Core tasks performed by the teams include creating trend reports, assessing & mitigating high-risk vulnerabilities, and triaging monthly cyber-events
    - RiskVision all-in subscription and services fees are $374,545 in Year 1 and $124,900 thereafter
  • 53. Building the Case for Automation Investment
  • 54. Strategies Summary: 1. Classify your Assets; 2. Enrich your Data; 3. Calculate a Risk Score; 4. Service Level Assignment; 5. Automate
  • 57. Introducing RiskVision: Enterprise Risk Intelligence Software; 35+ solution, technology and content partners; Highly Rated by Gartner (IRMS & SOAR), Blue Hill, SANS, ESG, Aite, Ovum, and IDC. Introducing Resolver: 1,000+ Customers; Offices Around the Globe
  • 58. RiskVision Solution Landscape (core solutions, customers, usage, scalability)
    - Threat & Vulnerability Mitigation (SOAR): Automated continuous risk correlation, prioritization, and remediation based on asset and operations criticality, threat reachability, controls, and vulnerabilities. 50% of RiskVision customers; 2m+ assets; 50m+ vulnerabilities scored for risk.
    - Incident / Issue Risk Response (SOAR): Coordinates classification, collaboration, evidence, policies, audit trail and reporting across the extra-prise for all operational and security risk events. 39% of RiskVision customers; 750k+ assets; 100k+ incidents scored for risk.
    - Technology (IT) Risk & Compliance (IRMS): Manages technology policies, maps policies to controls, and assesses multi-regulatory risk using an efficient Common Control Framework (CCF) to report for internal audit. 78% of RiskVision customers; 50k+ assessments; 200m+ daily control checks.
    - Third Party (TP) Risk & Compliance (IRMS): Classifies third parties by risk level, and drives parallel workflows for diligence and security scoring, on-boarding, continuous monitoring and off-boarding. 39% of RiskVision customers; 10k+ practitioners; 250k+ third parties assessed.
  • 59. Questions and Answers: Nevra Ledwon, Account Director. Office: +1.408.200.0435; Mobile: +1.703.351.8041