This information is from a previous year. Please visit shellcon.io for up to date information.
In the current cyber landscape several vulnerabilities are discovered every day. The volume and multiple sources from which to consume this information creates interesting challenges for any security team. Poor vulnerability management has become a serious fundamental problem and a common factor in most data breaches in the past months.
Vulnerability management is often disregarded, improperly staffed, and rarely discussed in some circles of the infosec community. Badly implemented programs are the source of nightmares for blue teams and the joy of red teams, pentesters, and bad guys alike. Under these circumstances, are you prepared to deal with vulnerabilities accordingly?
In this talk, we'll share our experiences building a program to address and deal with vulnerabilities at scale. What works, what does not and why. More importantly, what actions you should consider to improve or build your Vulnerability program. In addition, we'll be releasing a vulnerability management tool and show how it can be use in your own program. Whether you are a seasoned infosec professional or new to the field, there is something for you to take away.
Chris is currently a Sr. Security Engineer at Verizon Digital Media Services (formerly EdgeCast). He started working with computers in High School, and having older slower computers quickly made the...