RVAsec 13

A good prioritization plan should let you know where to start when tackling risk. And yet, people don't know where to start when developing a good prioritization plan! Even worse, we make a number of bad assumptions when trying to navigate this labyrinth.

Which method is the best? Are many methods better than one? How many is too many? What does “best” even mean?

Ask 10 different practitioners these questions and you might get 10 different answers. There’s no better example of this situation than with the plethora of vulnerability prioritization methods available today. Luckily, we’ve been able to collect an unprecedented amount of data on vulnerabilities, and it’s taught us a lot about what makes sense, and what doesn’t.

Join us as we use this vulnerability data to dispel myths, avoid pitfalls, and conjure some solid recommendations that will put you on a better path.

Remediation can feel like a high-wire act, balancing the need to close exposures against the imperative of maintaining business continuity. This talk addresses the quintessential challenge: how can organizations utilize their existing arsenal of security tools to remediate vulnerabilities, misconfigurations, and exposures without halting the business engine? Glean insights from a seasoned industry expert on leveraging security logs, configurations, and threat intelligence to unearth exposures, teaching CISOs to navigate this delicate balance.

Two hundred years ago, the first volume of fairy tales was published by the Brothers Grimm, introducing to the world a realm of magic, dark forests, and powerful villains to haunt everyone's dreams.  

We never imagined this realm would exist in the digital age. "Once Upon A Cyber Threat"  delves into the realm of advanced persistent Threat Groups (APTs), drawing parallels between the world of poisoned apples, breadcrumb trails, and magic mirrors and today's modern cyber threats. Serving not a tale of caution but a call to action and a lesson in storytelling, creating an outline that can help every security professional impart the caution, wisdom, and resilience we need to become the narrators that transformed Brother Grimm's tales into the happy ever after stories we know today.

Gain insight into the evolving landscape of cybersecurity in the age of AI Generated Content. From defending against multi-vector cyber attacks to empowering your workforce through AI-powered cybersecurity awareness, Defending Against the Deep delves into the intricacies of Generative AI. Together, we will look at case studies, a technical demonstration of current capabilities, keys for leveling up your workforce, and an opportunity to test your ability to recognize AI Generated Content. In this talk, explore how the same technology used for malicious intent can be harnessed for good, offering innovative solutions to safeguard enterprise environments.