Threats

3417 - When Patching 'Critical' Vulnerabilities Doesn't Cut It

Wednesday, October 10
3:00 PM - 4:00 PM
Location: Floor 3: Mardi Gras H, G, F

After hundreds of interviews with security professionals spanning everything from large enterprises to mid-market to MSSPs, we have found that prioritization of patches is an extremely difficult problem. The growth in the number of known vulnerabilities (more than 15,000 disclosed in 2017) indicates this will remain a challenge and likely why most major attacks use known vulnerabilities. However, threat intelligence about exploits can be gathered from the open internet as well as the deep/dark web and can help indicate what vulnerabilities will be targeted. We show how threat intelligence can be combined with data machine learning to improve prioritization of patches. Additionally, we discuss best practices for integrating such methods into vulnerability management and highlight real-world case studies that demonstrate how attacks can be avoided.


 

Learning Objectives:

Paulo Shakarian, PhD

CEO
CYR3CON

Paulo Shakarian is CEO and co-founder of CYR3CON™, which uses machine learning to find actionable intelligence for cybersecurity. He has written several books, including Elsevier’s Introduction to Cyber-Warfare and Cambridge’s Darkweb Cyber Threat Intelligence Mining. Recently, his work was featured in major news media including CNN, The Economist and Business Insider. He was named a “KDD Rising Star” by Microsoft Research Asia, was recipient of the U.S. Air Force Young Investigator award, and awarded fellowships at DARPA and New America. CYR3CON™ won a 2017 Defense Innovation Technology Challenge award and other accolades from organizations such as the National Science Foundation, PwC, Cisco and the state of Arizona. Paulo is also a Fulton Entrepreneurial Professor at Arizona State and is a frequent speaker on (ISC)2 webinars.

Presentation(s):

Send Email for Paulo Shakarian


Assets

3417 - When Patching 'Critical' Vulnerabilities Doesn't Cut It

Audio

Audio

Presentation Slides

Slides

Handouts

Handouts

Video

Video


Attendees who have favorited this

Please enter your access key

The asset you are trying to access is locked. Please enter your access key to unlock.

Send Email for When Patching 'Critical' Vulnerabilities Doesn't Cut It