Yotam Perkal
Yotam leads the vulnerability research team at Rezilion, focusing on research around vulnerability validation, mitigation, and remediation.
Prior to Rezilion, Yotam filled several roles at PayPal Security organization, dealing with vulnerability management, threat intelligence, and Insider threat. Additionally, Yotam is also a member of the PyCon Israel organization committee, a member of the EPSS SIG, takes part in several OpenSSF working groups around open-source security as well as several CISA work streams around SBOM and VEX.
He is passionate about Cyber Security and Machine Learning and is especially intrigued by the intersection between the domains, whether it be using ML in order to help solve Cyber Security challenges or exploring the challenges in securing ML applications.
Session
In the current cybersecurity landscape, organizations are engaged in a never-ending game of whack-a-mole, struggling to keep pace with the rapid increase in vulnerabilities stemming from unprecedented volumes of code combined with an increased reliance on third-party software. Such a reactive approach to vulnerability management is inefficient and unsustainable as the gap between the discovery and remediation of vulnerabilities continues to widen, while the time it takes for attackers to exploit known vulnerabilities decreases.
This talk proposes a proactive pivotal shift towards a scalable, automated, and risk-oriented vulnerability management strategy. We'll explore the transformative potential of standards and frameworks like SBOM (Software Bill of Materials), CSAF (Common Security Advisory Framework), and VEX (Vulnerability Exploitability Exchange), to automate, streamline, and enhance the vulnerability management process while aligning remediation efforts with genuine risk impacts..
Attendees will gain insights into how automation can adapt to the evolving threat landscape, ensuring that vulnerability management is both effective and sustainable in an increasingly complex cybersecurity environment.