Carbon Black: 32 Security Experts on Changing Endpoint Security
The book includes insights from the following experts: Alina Sarvey, Endpoint Security Engineer, Leidos, Data Shows the Need for Better Endpoint Security>> Brent Maher, Senior Vice President – Chief Information Security Officer, Johnson...
Bobby Adams: A Holistic, Enterprise-Wide Strategy is Essential
Many scanning tools provide information about the severity of vulnerabilities. This needs to be part of your aggregated threat intelligence. Continuous scanning is an important part of any vulnerability management program for both vulnerability detection and...
Juan Morales: Focus First on Assets That Keep The Business Running
A dialog with business stakeholders is important because vulnerability-management systems don’t understand the context of how assets are being used. Solutions that have a prioritization model and support business criticality of assets is needed. By getting business...
Pieter Vanlperen: Risk Assessment and Prioritization is a Triage Process
In order to use vulnerability scans effectively in a risk-management strategy, you need to be able to triage and analyze risk, and there aren’t tools that can do that effectively today alone. Doing that requires systems and people. New AI systems based on machine...
Nick Green: In a Large Organization, Know the Risk Owners and Adapt to Their Needs
Before meaningful vulnerable management is possible, you must know what you are protecting. This means building an asset inventory that includes asset owners. If a business group does not agree with the security team’s risk rank and prioritization, it should be able...
John Trujillo: You Must Understand the Business Function of Digital Assets
To have effective risk management, there need to be standards around how risks are identified, how they’re ranked, and how they are either accepted or remediated. As you move to more automated, AI-driven tools for vulnerability scanning and analysis, you need to have...
Jayesh Kalro: To Manage Vulnerabilities Effectively, Define Business Priorities and Identify Critical Assets
Businesses must first define their priorities in order to effectively manage vulnerabilities in their environment. Automation can provide businesses with a powerful way to speed up their response time and react to threats with greater agility. Understanding active...
Lester Godsey: More Data Makes the Behavioral Analysis More Accurate
SOC leaders should look beyond just log data for anomalies. Threat insights can be found in data can comes from many sources, and it is not always structured. The ultimate goal is being able to respond quickly to detected threats, because having all the insight does...
Joseph Smith: Endpoints Are Part of One Giant, Integrated System
Given the unlimited time and resources available to determined attackers, an active security strategy is the better approach against an enemy that has a built-in advantage. A security strategy that combines activity monitoring, automated triggers, and limited endpoint...
Paul Heffernan: Moving from File Locking to Behavior Locking
With malware variants being generated far faster than any signature-based security solution can possibly keep up with, signature detection is not enough. Machine learning and artificial intelligence are critical tools for early threat detection, but they still require...
