Vulnerability Management Sucks.
02-11, 12:30–12:40 (UTC), Track 2 - Foxhunter

It seems simple enough... or at least till you start scaling. Take a dive through the wonderful world of the vulnerability management extravaganza and some examples I've faced when trying to make sense of the data soup.

This talk aims to highlight some of the issues that seem to be a common headache. The task of combining the varying vulnerability management solutions you may have and presenting it back to relevant stakeholders in a neat package, all while trying to properly understand what data matters. Not forgetting the varying compliance and certification requirements that need meeting....

There is a larger focus on traditional infrastructure vulnerability management in this talk.

Blue security person with interests from DFIR to Infrastructure as Code, with a current focus on building cool solutions for various security challenges.