Vulnerability Management: Myths and Solutions
Vulnerability management: a never-ending slog or a mainstay of modern information security? When time is precious, budgets are tight, and priorities are shifting, is vulnerability management the right investment? What kind of vulnerability management should you do? Authenticated scans, threat prioritization, sysadmins with questions, firewall rules, and a thousand other concerns loom behind a simple yes-or-no question. Join Rapid7 and the University of Chicago as we open the door wide on our partnership and confront the myths we dispelled, the discussions we had, and the choices we made for UChicago on how to build a sustainable program.
Outcomes: Clearly outline the principles of an enterprise-grade vulnerability management program * Get actionable insight on how to prioritize vulnerabilities, including metrics from across higher education * Discuss challenges to vulnerability management in a decentralized environment from a technical perspective, including firewall rules, credential management, and vulnerability classifications
Presenters
-
Jason Edelstein
IT Risk and Compliance Program Manager,
University of Chicago
-
Sherif Hassabo
Information Security Engineer,
University of Chicago
-
Eric Reiners