Export or edit this event...

ISSA Portland Holiday Meeting

Embassy Suites Portland-Washington Square Ambassador South Ballroom
9000 SW Washington Square Rd
Tigard, Oregon 97223, US (map)

Website

Description

Please register to attend the event online: http://www.eventbrite.com/e/issa-portland-holiday-party-tickets-8163746987

When: Thursday, December 12, 2013 from 3:30 to 7:30 (PST)

Location: Embassy Suites Portland-Washington Square Ambassador South Ballroom 9000 SW Washington Square Rd. Tigard, Oregon. 97223

Presentation: Considerations of a Mature Vulnerability management Program In this presentation, Jesika McEvoy with Rapid7 will address best practices for standing up an effective vulnerability management program. Key questions like the following will be answered:

  • What are the roles/responsibilities that are needed to do vulnerability management?
  • What kind of timelines are reasonable in terms of expectations for remediation of a vulnerability after a scanner finds it? Are there industry best practices?
  • When a vulnerability is found that cannot be directly remediated via a patch or configuration change, what should a company do? Are there best practices for various types of mitigating controls that should be considered? What is the role for risk acceptance, and how should risk acceptance be documented and periodically reviewed?
  • How can organizations take the results from traditional network vulnerability scanners, and manual penetration testing engagements from third parties, and static/dynamic application security testing (for example: Veracode) results and manage them all in a comprehensive vulnerability management program.

Cost: $10 (member) / $15 (non-member) / $20 (at-the-door)

CPEs: ISSA meeting are appropriate for CPE credit. The chapter maintains proof of attendance for members but it is the members responsibility to ensure that these CPE's are credited to their respective accounts.

Share

Tags