Establishing a Quality Vulnerability Management Program without Wasting Time or Money presented at BsidesColombus 2016

by Zee Abdelnabi,

Summary : • Sell the story to establish your program to management. • Compare Vulnerability Management (VM) tools and learn how to pick the best tool set for your environment.
• Determine the scope of devices do you want to include - mobile, employee devices, mainframe, plant floor, medical devices, SCADA?
• Evaluate the costs and advantages of paying for Professional Services deployment vs training your team.
• Determine the skills and competencies necessary to make a successful team. • Make a complete runbook. • Establish report templates and metrics do you need to show your program is successful.
Get the perspective from an experienced former VM consultant who can set you on the right path from day one! The things you learn will allowing you to save money by using the quarterly vulnerability assessments rather than paying for external penetration testing and provide you the steps to avoid when setting up your VM program