Talk Session Topic: Mind Your Vulnerability Gaps: Risk-based Vulnerability Management Approach
Speaker: Chintan Gurjar
Designation: Security Engineering Manager
Location: United Kingdom
Description: Organizations are struggling to prioritize vulnerability remediation as there are plenty of factors to consider. It is unclear how to manage vulnerabilities from various scanners, third-parties, pentest and red teaming reports, official vendors, etc. On the other hand, patches are often the answer to many vulnerabilities, which is not always the case. Most companies follow severity/threat-based vulnerability management and are unaware of other criteria to consider in the risk-based vulnerability management approach. Organizations also focus on what they know, but how about assets they are unaware of, hanging on the Internet, untested? In this session, Chintan is going to cover some essential elements of a mature vulnerability management program.