Do you ever run into problems with your vulnerability management program that you wished you had at your fingertips just one more little piece of information? To help conduct some prioritization, or to know who the business owner is, or to inform people this was an end of life system… All valuable and great to have readily available. But alas, we often are missing information, or it is not easy to access.
Join Jonathan (MGT516 co-author and SANS certified Instructor) as he starts this 3 part series on vulnerability management and will discuss contextual information, and how to get access to it. From asset inventory to ownership details to threat intelligence to tags on systems, he will outline how to get access to this critical information to be able to use within your vulnerability management program.
Part 2: Leveraging Context
www.sans.org/w...
Part 3: Is the Program Effective?
www.sans.org/w...
About the Speaker - Jonathan Risto
With a career spanning over 20 years that has included working in network design, IP telephony, service development, security and project management, Jonathan has a deep technical background that provides a wealth of information he draws upon when teaching. Currently, Jonathan works for the Canadian Government conducting cyber security research in the areas of vulnerability management and automated remediation. He is also an independent security consultant. Jonathan is a co-author and instructor for SANS MGT516: Managing Security Vulnerabilities - Enterprise and Cloud. Read more about Jonathan at www.sans.org/p...
MGT516: Managing Security Vulnerabilities: Enterprise and Cloud - www.sans.org/c...
Learn more about SANS Cybersecurity Leadership Curriculum at www.sans.org/cybersercurity-leadership
Connect with us on social:
LinkedIn - SANS Security Leadership
Twitter - @secleadership
KZbin - SANS Institute - Cybersecurity Leadership playlist
Discord - www.sansurl.com/leadership-discord
SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.