August 14, 2014 · 6:30 PM
Michael Roytman is responsible for building out Risk I/O’s predictive analytics functionality, and has been selected to speak at some of the top information security events on this topic, including BSides, Metricon and SIRACon. He formerly worked in fraud detection in the finance industry, and holds an MS in Operations Research from Georgia Tech. His home in Chicago contains a small fleet of broken-down drones.
WHAT YOUR SECURITY DATA ISN'T TELLING YOU
Vulnerability prioritization is where everybody goes wrong and nobody knows it. CVSS currently guides the vulnerability management strategies for most organizations. This talk will prove why the standard is at best obsolete, by using analytical model analysis as well as live data from 20,000 organizations, over 1 million assets and over 50 million vulnerabilities. By correlating this dataset to a previously unexplored dataset of live, ongoing breach events, we analyze, for the first time with hard data, the effectiveness of vulnerability management strategies through sensitivity and predictive value positive analysis, and offer alternatives that fare far better than the status quo.
6:30p: Doors open
7:05p: Welcome & announcements
Risk I/O is a software-as-a-service platform that correlates external Internet breach and exploit data with vulnerability data so organizations can focus on fixing the most critical vulnerabilities. Risk I/O processes over a billion vulnerabilities a month against Internet breach data for its users.
Raffle prizes (including one free pass to Strata Conf. + Hadoop World) provided courtesy of O'Reilly Media.
Meetup members get 20% off Strata with UGDSATL20