Sashank DaraSession Video
About this session
This talk provides the short comings in current vulnerability scoring techniques like CVSS, EPSS when it comes to triaging vulnerabilities. Provides directions, scientific foundations and use cases of how to build more robust vulnerability management programs that is driven by risk based decisions. This talk also gives sneak peak into current state of art research, use cases and open problems in this fascinating and emerging area of “Cyber Risk Intelligence” (Not to be confused with Cyber Threat Intelligence). The talk content is based on experiences of speaker working with numerous clients globally and at the same time humble attempt to push the technology boundaries of cyber risks
Publications:
- Risk Prioritization (https://seconize.co/blog/how-to-prioritize-cloud-native-vulnerabilities/)
- Cyber Risk Management 101 ( https://www.youtube.com/watch?v=SzFSQqQNYCM&t=6s )
- Cyber Risk Intelligence (https://youtube.com/watch?v=3qCGMMcOn_o)
- Free Risk Scoring Tool (https://riskscore.info - TBA)