Robots Ninjas Pirates and Building an Effective Vulnerability Management Program

Explore the intricacies of building an effective vulnerability management program through the lens of robots, ninjas, and pirates in this engaging conference talk from BSides Boston 2015. Delve into the importance of vulnerability management and meet the diverse characters representing different roles within the security department. Discover how these archetypes translate to real-world cyber attackers and learn about the challenges they present. Examine the goals of a robust vulnerability management strategy, including prevention, detection, reaction, and self-reliance. Gain insights on evaluating tools and defining criteria for an effective program. Understand how external conditions and historical references play a role in vulnerability management, and learn why what you don't know could be your biggest threat.

Intro
Vulnerability Management...
A Robot, Ninja & Pirate Get Into a Fight, Who Wins?
Why Do We Need Vulnerability Management?
Meet The Robots, Ninjas and Pirates in the Security Dept.
Moral of the story...
Pirates Lack Social Skillz
Meet the Robots, Ninja and Pirate Attackers
Cyber Pirate Attackers
What you don't know will probably be the thing that hurts you
External conditions
Vulnerability management is a historical reference.
Goal: Prevention - prevent bad things with the resources you have
Goal: Detection YOUR MAN IS CHEATING.
Goal: React - Define priorities and enable people to take action
Goal: Do it yourself.
Goal: Evaluate tools - Define the evaluation criteria