SlideShare a Scribd company logo

NTXISSACSC3 - Vulnerability Management Isn't Simple ... (or How to Make Your VM Program Great) by Kelly Hammons

North Texas Chapter of the ISSA
North Texas Chapter of the ISSA

Vulnerability Management Isn't Simple ... (or How to Make Your VM Program Great)

Technology
1 of 21
Download to read offline
@NTXISSA #NTXISSACSC3 Vulnerability Management Isn’t Simple… (or, How to Make Your VM Program Great) Kelly Hammons Principal Consultant, CISSP Secutor Consulting October 2nd, 2015
@NTXISSA #NTXISSACSC3
@NTXISSA #NTXISSACSC3 “97% of breaches could have been avoided through simple or intermediate controls” - Verizon Data Breach Investigations Report, 2012 While over 90 percent of all organizations monitor security effectiveness in some manner, only 40 percent do so ‘constantly’ rather than on an as-needed basis. - Enterprise Security Group (ESG) Security Management & Operations Report, June 2012
@NTXISSA #NTXISSACSC3 How are vulnerabilities usually managed? • Limited or non-existent budget • Scanning too infrequently to be relevant • Or scanning too aggressively • Not using authentication • Only scanning the “perimeter” • Ad hoc prioritization … Ignoring them
@NTXISSA #NTXISSACSC3 Vulnerability Management Goals… • … keep your job • Asset discovery • Understand your perimeter • Test new systems before they’re brought online • Automation + Integration • Produce actionable data & metrics • Comply with regulations (PCI, HIPAA, NERC CIP…) • Vulnerability remediation / reduce attack surface • Keep your company’s name off the front page of the New York Times… (or, VM Maturity Model)
@NTXISSA #NTXISSACSC3 Challenges • Resistance from Network Operations, Patching Team, System Owners • Things *will* crash • Network devices *will* become saturated • Patching software won’t always agree with the scanner • Vulnerability Prioritization • DHCP • Who owns the machine and/or service? • Scanning • Scanner placement • What is in/out of scope? • Can you scan partner networks?
@NTXISSA #NTXISSACSC3 Where do we start? • What are you going to scan? • Discovery scan • Internal vs External IPs • Ports • Authentication • Workstations, servers, lab, DMZ, IP phones, printers, network devices • Scan frequency and windows? • Who is responsible for patching? • Where are the firewalls? • Where do I place the scanners? • How will vulnerabilities be prioritized?
@NTXISSA #NTXISSACSC3 What do I do with all of these vulnerabilities? • Patch • Upgrade • Disable/Uninstall the service • Add a client-side firewall or HIPS • Modify the network fabric (routers/firewalls/IPS) • … or ignore • Prioritization • CVSS • Valuable hosts/data • *accessibility* from a threat source
@NTXISSA #NTXISSACSC3 What does your network look like?
@NTXISSA #NTXISSACSC3
@NTXISSA #NTXISSACSC3
@NTXISSA #NTXISSACSC3
@NTXISSA #NTXISSACSC3
@NTXISSA #NTXISSACSC3
@NTXISSA #NTXISSACSC3 Metrics • Are you measuring busyness or addressing “risk”? • What am I scanning? • What am I *not* scanning? • How many of what kind of vulnerabilities? • What’s different compared to last month? • Pitfalls • DHCP • Trending • Upgrading or sunsetting hosts • Stale scan data • Wall of shame
@NTXISSA #NTXISSACSC3 Simple Metrics
@NTXISSA #NTXISSACSC3 A good example
@NTXISSA #NTXISSACSC3 A great example… Metrics in context February Scan Results: Asset Group Status Comments ABC Servers and Network Devices Yellow No host increase, number of Level 5 vulnerabilities is the same. DEF Servers and Network Devices Green No increase in hosts, Level 5 vulnerabilities have decreased. GHI Servers and Network Devices Yellow No host increase, number of Level 5 vulnerabilities is the same. NA Workstations Red The number of hosts and Level 5 Vulnerabilities increased. Europe Workstations Green The number of hosts increased and the number of Level 5 vulnerabilities still decreased. JKL Workstations Red The number of hosts and Level 5 Vulnerabilities increased.
@NTXISSA #NTXISSACSC3 More great examples
@NTXISSA #NTXISSACSC3 Interoperability – The whole is greater than the sum of its parts • Asset Management/CMDB: Who owns this box? • Patching: Discover false negatives • Pen Testing: Speed up vulnerability discovery, less intrusive • SIEM/IPS/IDS: Mitigate false alerts, fine-tune, add context, prioritize remediation • Ticketing: Easy workflow • Vector Analysis: Prioritization, discover unscanned subnets, discover *downstream* risk • GRC: Fine-tune risk metrics, remediation tracking
@NTXISSA #NTXISSACSC3@NTXISSA #NTXISSACSC3 The Collin College Engineering Department Collin College Student Chapter of the North Texas ISSA North Texas ISSA (Information Systems Security Association) NTX ISSA Cyber Security Conference – October 2-3, 2015 21 Thank you

Recommended

NTXISSACSC4 - Introducing the Vulnerability Management Maturity Model - VM3
NTXISSACSC4 - Introducing the Vulnerability Management Maturity Model - VM3NTXISSACSC4 - Introducing the Vulnerability Management Maturity Model - VM3
NTXISSACSC4 - Introducing the Vulnerability Management Maturity Model - VM3North Texas Chapter of the ISSA
 
NTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in DepthNTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in DepthNorth Texas Chapter of the ISSA
 
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...North Texas Chapter of the ISSA
 
NTXISSACSC4 - Business Geekdom: 1 = 3 = 5
NTXISSACSC4 - Business Geekdom: 1 = 3 = 5NTXISSACSC4 - Business Geekdom: 1 = 3 = 5
NTXISSACSC4 - Business Geekdom: 1 = 3 = 5North Texas Chapter of the ISSA
 
API Days Paris - When RESTful may be considered harmful
API Days Paris - When RESTful may be considered harmfulAPI Days Paris - When RESTful may be considered harmful
API Days Paris - When RESTful may be considered harmfulRoss Garrett
 
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNorth Texas Chapter of the ISSA
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!centralohioissa
 
NTXISSACSC4 - How Not to Build a Trojan Horse
NTXISSACSC4 - How Not to Build a Trojan HorseNTXISSACSC4 - How Not to Build a Trojan Horse
NTXISSACSC4 - How Not to Build a Trojan HorseNorth Texas Chapter of the ISSA
 

Recommended

NTXISSACSC4 - Introducing the Vulnerability Management Maturity Model - VM3
NTXISSACSC4 - Introducing the Vulnerability Management Maturity Model - VM3NTXISSACSC4 - Introducing the Vulnerability Management Maturity Model - VM3
NTXISSACSC4 - Introducing the Vulnerability Management Maturity Model - VM3North Texas Chapter of the ISSA
 
NTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in DepthNTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in DepthNorth Texas Chapter of the ISSA
 
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...North Texas Chapter of the ISSA
 
NTXISSACSC4 - Business Geekdom: 1 = 3 = 5
NTXISSACSC4 - Business Geekdom: 1 = 3 = 5NTXISSACSC4 - Business Geekdom: 1 = 3 = 5
NTXISSACSC4 - Business Geekdom: 1 = 3 = 5North Texas Chapter of the ISSA
 
API Days Paris - When RESTful may be considered harmful
API Days Paris - When RESTful may be considered harmfulAPI Days Paris - When RESTful may be considered harmful
API Days Paris - When RESTful may be considered harmfulRoss Garrett
 
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNorth Texas Chapter of the ISSA
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!centralohioissa
 
NTXISSACSC4 - How Not to Build a Trojan Horse
NTXISSACSC4 - How Not to Build a Trojan HorseNTXISSACSC4 - How Not to Build a Trojan Horse
NTXISSACSC4 - How Not to Build a Trojan HorseNorth Texas Chapter of the ISSA
 
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...North Texas Chapter of the ISSA
 
Save Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksSave Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksThreatConnect
 
Managing Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectManaging Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectThreatConnect
 
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JSFestUA
 
NTXISSACSC2 - Why Lead with Risk? by Doug Landoll
NTXISSACSC2 - Why Lead with Risk? by Doug LandollNTXISSACSC2 - Why Lead with Risk? by Doug Landoll
NTXISSACSC2 - Why Lead with Risk? by Doug LandollNorth Texas Chapter of the ISSA
 
Practical DMD Scripting
Practical DMD Scripting Practical DMD Scripting
Practical DMD Scripting Zenoss
 
Seach Engine: Case Study
Seach Engine: Case StudySeach Engine: Case Study
Seach Engine: Case StudyAndre
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to PracticeAlgoSec
 
State of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers MindsetState of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers MindsetCrowdStrike
 
Intelligence driven defense webinar
Intelligence driven defense webinarIntelligence driven defense webinar
Intelligence driven defense webinarThreatConnect
 
NTXISSACSC2 - Software Security - My Other Marathon by Harold Toomey
NTXISSACSC2 - Software Security - My Other Marathon by Harold ToomeyNTXISSACSC2 - Software Security - My Other Marathon by Harold Toomey
NTXISSACSC2 - Software Security - My Other Marathon by Harold ToomeyNorth Texas Chapter of the ISSA
 
The Art and Science of Alert Triage
The Art and Science of Alert TriageThe Art and Science of Alert Triage
The Art and Science of Alert TriageSqrrl
 
Improving SW Quality in a Distributed Environment
Improving SW Quality in a Distributed EnvironmentImproving SW Quality in a Distributed Environment
Improving SW Quality in a Distributed EnvironmentMarko Saha
 
SpiceWorks Webinar: Whose logs, what logs, why logs
SpiceWorks Webinar: Whose logs, what logs, why logs SpiceWorks Webinar: Whose logs, what logs, why logs
SpiceWorks Webinar: Whose logs, what logs, why logs AlienVault
 
Episode IV: A New Scope
Episode IV: A New ScopeEpisode IV: A New Scope
Episode IV: A New ScopeThreatConnect
 
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...North Texas Chapter of the ISSA
 
Attacks on Critical Infrastructure: Insights from the “Big Board”
Attacks on Critical Infrastructure: Insights from the “Big Board”Attacks on Critical Infrastructure: Insights from the “Big Board”
Attacks on Critical Infrastructure: Insights from the “Big Board”Priyanka Aash
 
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1North Texas Chapter of the ISSA
 
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...Internet Technology Matters (Internet Society)
 
Dev talks 2021 Data Science @crowdstrike
Dev talks 2021 Data Science @crowdstrikeDev talks 2021 Data Science @crowdstrike
Dev talks 2021 Data Science @crowdstrikeRuxandra Burtica
 
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...North Texas Chapter of the ISSA
 
Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceQualys
 

More Related Content

What's hot

NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...North Texas Chapter of the ISSA
 
Save Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksSave Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksThreatConnect
 
Managing Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectManaging Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectThreatConnect
 
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JSFestUA
 
Practical DMD Scripting
Practical DMD Scripting Practical DMD Scripting
Practical DMD Scripting Zenoss
 
Seach Engine: Case Study
Seach Engine: Case StudySeach Engine: Case Study
Seach Engine: Case StudyAndre
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to PracticeAlgoSec
 
State of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers MindsetState of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers MindsetCrowdStrike
 
Intelligence driven defense webinar
Intelligence driven defense webinarIntelligence driven defense webinar
Intelligence driven defense webinarThreatConnect
 
NTXISSACSC2 - Software Security - My Other Marathon by Harold Toomey
NTXISSACSC2 - Software Security - My Other Marathon by Harold ToomeyNTXISSACSC2 - Software Security - My Other Marathon by Harold Toomey
NTXISSACSC2 - Software Security - My Other Marathon by Harold ToomeyNorth Texas Chapter of the ISSA
 
The Art and Science of Alert Triage
The Art and Science of Alert TriageThe Art and Science of Alert Triage
The Art and Science of Alert TriageSqrrl
 
Improving SW Quality in a Distributed Environment
Improving SW Quality in a Distributed EnvironmentImproving SW Quality in a Distributed Environment
Improving SW Quality in a Distributed EnvironmentMarko Saha
 
SpiceWorks Webinar: Whose logs, what logs, why logs
SpiceWorks Webinar: Whose logs, what logs, why logs SpiceWorks Webinar: Whose logs, what logs, why logs
SpiceWorks Webinar: Whose logs, what logs, why logs AlienVault
 
Episode IV: A New Scope
Episode IV: A New ScopeEpisode IV: A New Scope
Episode IV: A New ScopeThreatConnect
 
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...North Texas Chapter of the ISSA
 
Attacks on Critical Infrastructure: Insights from the “Big Board”
Attacks on Critical Infrastructure: Insights from the “Big Board”Attacks on Critical Infrastructure: Insights from the “Big Board”
Attacks on Critical Infrastructure: Insights from the “Big Board”Priyanka Aash
 
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1North Texas Chapter of the ISSA
 
Dev talks 2021 Data Science @crowdstrike
Dev talks 2021 Data Science @crowdstrikeDev talks 2021 Data Science @crowdstrike
Dev talks 2021 Data Science @crowdstrikeRuxandra Burtica
 

What's hot (20)

NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
 
Save Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksSave Time and Act Faster with Playbooks
Save Time and Act Faster with Playbooks
 
Managing Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectManaging Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnect
 
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
 
NTXISSACSC2 - Why Lead with Risk? by Doug Landoll
NTXISSACSC2 - Why Lead with Risk? by Doug LandollNTXISSACSC2 - Why Lead with Risk? by Doug Landoll
NTXISSACSC2 - Why Lead with Risk? by Doug Landoll
 
Practical DMD Scripting
Practical DMD Scripting Practical DMD Scripting
Practical DMD Scripting
 
Seach Engine: Case Study
Seach Engine: Case StudySeach Engine: Case Study
Seach Engine: Case Study
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice
 
State of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers MindsetState of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers Mindset
 
Intelligence driven defense webinar
Intelligence driven defense webinarIntelligence driven defense webinar
Intelligence driven defense webinar
 
NTXISSACSC2 - Software Security - My Other Marathon by Harold Toomey
NTXISSACSC2 - Software Security - My Other Marathon by Harold ToomeyNTXISSACSC2 - Software Security - My Other Marathon by Harold Toomey
NTXISSACSC2 - Software Security - My Other Marathon by Harold Toomey
 
The Art and Science of Alert Triage
The Art and Science of Alert TriageThe Art and Science of Alert Triage
The Art and Science of Alert Triage
 
Improving SW Quality in a Distributed Environment
Improving SW Quality in a Distributed EnvironmentImproving SW Quality in a Distributed Environment
Improving SW Quality in a Distributed Environment
 
SpiceWorks Webinar: Whose logs, what logs, why logs
SpiceWorks Webinar: Whose logs, what logs, why logs SpiceWorks Webinar: Whose logs, what logs, why logs
SpiceWorks Webinar: Whose logs, what logs, why logs
 
Episode IV: A New Scope
Episode IV: A New ScopeEpisode IV: A New Scope
Episode IV: A New Scope
 
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
 
Attacks on Critical Infrastructure: Insights from the “Big Board”
Attacks on Critical Infrastructure: Insights from the “Big Board”Attacks on Critical Infrastructure: Insights from the “Big Board”
Attacks on Critical Infrastructure: Insights from the “Big Board”
 
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
 
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...
Initial Routing Resilience Survey Results Show At Least 10% Of Incidents Are ...
 
Dev talks 2021 Data Science @crowdstrike
Dev talks 2021 Data Science @crowdstrikeDev talks 2021 Data Science @crowdstrike
Dev talks 2021 Data Science @crowdstrike
 

Similar to NTXISSACSC3 - Vulnerability Management Isn't Simple ... (or How to Make Your VM Program Great) by Kelly Hammons

NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...North Texas Chapter of the ISSA
 
Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceQualys
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big DataRaffael Marty
 
Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015Scalar Decisions
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management ProgramTripwire
 
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.AlgoSec
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSebastien Deleersnyder
 
Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Decisions
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session Splunk
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNAMatteo Masi
 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayChris Gates
 
IT Operation Analytic for security- MiSSconf(sp1)
IT Operation Analytic for security- MiSSconf(sp1)IT Operation Analytic for security- MiSSconf(sp1)
IT Operation Analytic for security- MiSSconf(sp1)stelligence
 
Technical track chris calvert-1 30 pm-issa conference-calvert
Technical track chris calvert-1 30 pm-issa conference-calvertTechnical track chris calvert-1 30 pm-issa conference-calvert
Technical track chris calvert-1 30 pm-issa conference-calvertISSA LA
 
Threat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a BreachThreat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a BreachRahul Neel Mani
 
NTXISSACSC3 - Security at the Point of Storage by Todd Barton
NTXISSACSC3 - Security at the Point of Storage by Todd BartonNTXISSACSC3 - Security at the Point of Storage by Todd Barton
NTXISSACSC3 - Security at the Point of Storage by Todd BartonNorth Texas Chapter of the ISSA
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
 
Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?ThinAir
 
Orchestrating Software Defined Networks To Disrupt The Apt Kill Chain
Orchestrating Software Defined Networks To Disrupt The Apt Kill ChainOrchestrating Software Defined Networks To Disrupt The Apt Kill Chain
Orchestrating Software Defined Networks To Disrupt The Apt Kill ChainPriyanka Aash
 

Similar to NTXISSACSC3 - Vulnerability Management Isn't Simple ... (or How to Make Your VM Program Great) by Kelly Hammons (20)

NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
 
Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and Compliance
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
 
Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 seba
 
Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNA
 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions Today
 
IT Operation Analytic for security- MiSSconf(sp1)
IT Operation Analytic for security- MiSSconf(sp1)IT Operation Analytic for security- MiSSconf(sp1)
IT Operation Analytic for security- MiSSconf(sp1)
 
Technical track chris calvert-1 30 pm-issa conference-calvert
Technical track chris calvert-1 30 pm-issa conference-calvertTechnical track chris calvert-1 30 pm-issa conference-calvert
Technical track chris calvert-1 30 pm-issa conference-calvert
 
Threat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a BreachThreat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a Breach
 
Next-Gen DDoS Detection
Next-Gen DDoS DetectionNext-Gen DDoS Detection
Next-Gen DDoS Detection
 
NTXISSACSC3 - Security at the Point of Storage by Todd Barton
NTXISSACSC3 - Security at the Point of Storage by Todd BartonNTXISSACSC3 - Security at the Point of Storage by Todd Barton
NTXISSACSC3 - Security at the Point of Storage by Todd Barton
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
 
Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?
 
Orchestrating Software Defined Networks To Disrupt The Apt Kill Chain
Orchestrating Software Defined Networks To Disrupt The Apt Kill ChainOrchestrating Software Defined Networks To Disrupt The Apt Kill Chain
Orchestrating Software Defined Networks To Disrupt The Apt Kill Chain
 

More from North Texas Chapter of the ISSA

Ntxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNtxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNorth Texas Chapter of the ISSA
 
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...North Texas Chapter of the ISSA
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNorth Texas Chapter of the ISSA
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNorth Texas Chapter of the ISSA
 
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNtxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNtxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNtxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNtxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNtxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finneyNtxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finneyNorth Texas Chapter of the ISSA
 

More from North Texas Chapter of the ISSA (20)

Purple seven-ntxissacsc5 walcutt
Purple seven-ntxissacsc5 walcuttPurple seven-ntxissacsc5 walcutt
Purple seven-ntxissacsc5 walcutt
 
Ntxissacsc5 yellow 7 protecting the cloud with cep
Ntxissacsc5 yellow 7 protecting the cloud with cepNtxissacsc5 yellow 7 protecting the cloud with cep
Ntxissacsc5 yellow 7 protecting the cloud with cep
 
Ntxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNtxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediation
 
Ntxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliencyNtxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliency
 
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
 
Ntxissacsc5 yellow 1-beginnerslinux bill-petersen
Ntxissacsc5 yellow 1-beginnerslinux bill-petersenNtxissacsc5 yellow 1-beginnerslinux bill-petersen
Ntxissacsc5 yellow 1-beginnerslinux bill-petersen
 
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykesNtxissacsc5 red 6-diy-pentest-lab dustin-dykes
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes
 
Ntxissacsc5 red 1 & 2 basic hacking tools ncc group
Ntxissacsc5 red 1 & 2 basic hacking tools ncc groupNtxissacsc5 red 1 & 2 basic hacking tools ncc group
Ntxissacsc5 red 1 & 2 basic hacking tools ncc group
 
Ntxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompsonNtxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompson
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
 
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florerNtxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
 
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNtxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
 
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNtxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
 
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNtxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
 
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNtxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
 
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_muellerNtxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
 
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNtxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
 
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finneyNtxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney
 

Recently uploaded

Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

Recently uploaded (20)

Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 

NTXISSACSC3 - Vulnerability Management Isn't Simple ... (or How to Make Your VM Program Great) by Kelly Hammons