Real Time Vulnerability Alerting by Using Principles from the United States Tsunami Warning Center

Explore principles from the United States Tsunami Warning Center applied to real-time vulnerability alerting in this 44-minute OWASP Foundation conference talk. Learn about triaging vulnerabilities, understanding tsunami occurrence, and the Deep Ocean Assessment Reporting System. Discover how surface buoys, data collection, and analysis techniques can be adapted for vulnerability intelligence. Examine the Vulnerability Intelligence Quotient, CVSS scoring, and one-year data trends. Compare prioritization methods, analyze critical vulnerabilities, and review top 10 vulnerability lists. Gain insights into future developments in cybersecurity alerting systems inspired by natural disaster warning mechanisms.

Intro
Welcome
Outline
Number of Unique Vulnerability
How to triage vulnerabilities
How tsunamis occur
Deep Ocean Assessment Reporting System
Surface Buoys
Data Collection
Technology
Design
Data Analysis
Vulnerability Analysis
Vulnerability Intelligence Quotient
Intelligence Quotient
CVSS
One Year Data
Prioritization
Critical
Comparison
Data
NSA Curveball
Top 10 vulnerabilities
Future work