| CONVERSATION HOSTS: | ||
 Donald Fischer CEO and co-founder Tidelift |
 John Mark Walker Director of OSPO Fannie Mae |
|
What is the goal of your organization’s current vulnerability management strategy? Is your goal to eliminate all vulnerabilities? This sounds like a noble goal. But the truth is that the number of vulnerabilities being reported increases exponentially every year, which makes a zero vulnerability goal an endless game of whack a mole.
The real goal most organizations would actually like to achieve with their vulnerability management strategy is to reduce security risk. But development teams are overwhelmed triaging long lists of vulnerabilities, often without enough context on which are the most important to patch to actually reduce risk.
Meanwhile, open source maintainers are also swamped with vulnerability reports to investigate, many of which end up being false positives. We’ve managed to create a self perpetuating vulnerability detection and remediation industrial complex. And, worst of all, it may not actually be delivering the outcome we really desire: actual security risk reduction.
Join us live on Wednesday, Sept. 18 when we bring together leading experts with clear ideas on what we can change about the vulnerability management status quo.
They’ll lead an interactive dialogue with other industry leaders like you, as we share experiences, debate new ideas and approaches, and walk away with some fresh ideas for attacking the vulnerability management challenge.
