Track 2
5 Feb 2022 2:00 PM - 3:00 PM

I love vulnerability management as a core discipline of what makes an effective security operations program because it can help to both reduce risk and improve efficiency. However, I still find many organizations are still stuck after rolling out a scanning tool (and then stopping). I've seen the reason for this being one of three main reasons (but there are more).


1 - Conflicting information between patching processes and vulnerability scanning tools

2 - Lack of guidance or frameworks to prioritize the growing list of vulnerability

3 - Very manual process without a clear understanding how to automate activities

This talk is for anyone who is working as a security analyst or leader who directly performs vulnerability management activities (identify, assess, triage, and track). Additionally, this will be really informative for those who have process inputs (any pentesters out there?) or outputs (IT and critical process owners).

This talk will give you all the tools and processes that you'll need to level up your program TODAY, without having to go ask for more budget (again).

Andy Jordan
Owner & Founder of New Genesis Solutions

Andy Jordan (CISSP, CISM, MCSA, MCP, Security+, Network+, ITIL v3, LeanIT) is the owner/founder of New Genesis Solutions, a managed services provider that focuses on cybersecurity program development and vulnerability Management services.

Andy has built and managed multiple security programs for numerous large and small organizations throughout his 15-year career. He uses lean and agile methodologies to create demonstrable value within complex infrastructure and security programs. He is an active figure in the information security community, having presented multiple times at Cactuscon.