Главная
Study mode:
on
1
Intro
2
Today's Journey...
3
Data Sources
4
Simplified View of Vulnerabilities
5
Things Happen Quick
6
Is CVSS used to prioritize IRL?
7
The Vendor Role in Remediation?
8
Top 3 Vendors
9
Top Products going unpatched
10
Probability of Patching
11
The Case for Auto-Patching
12
Measuring Remediation Decisions
13
Measuring Decisions: CVSS 10
14
Vendor-based Strategy
15
Predictive Model
16
What contributes to exploitation in the wild?
17
Predicting Probability: "well calibrated"
18
RSAConference 2019 San Francisco March 4-8 Moscone Center
Description:
Explore the causation behind vulnerability exploitation in this 50-minute RSA Conference talk. Delve into an extensive analysis of tens of thousands of vulnerabilities, examining CVSS scores, CVE, NVD, and various data feeds to identify key factors influencing exploitation probability. Gain insights into improving vulnerability management by considering the broader context beyond technical aspects. Learn to critically evaluate existing vulnerability scoring systems and understand the importance of testing prioritization methods for remediation efforts. Examine the role of vendors in remediation, auto-patching considerations, and decision-making metrics. Discover a predictive model for exploitation probability and understand the contributing factors to real-world exploitation. Suitable for those with basic knowledge of vulnerability types and frameworks, this talk provides valuable insights for professionals working in or around security vulnerabilities and patch management.

The Etiology of Vulnerability Exploitation

RSA Conference
Add to list
0:00 / 0:00