Moving Towards Modern Vulnerability Management – Ed Bellis – Ed Bellis – ESW #178
What are the practical ways to get that time to value in app security? How can we utilize devs in the process without creating massive SAST integration projects and training them on false positives and complex challenges. So just fitting into their daily process, and only sending them actionable and real findings.
Ed Bellis, Co-founder and CTO of Kenna Security Ed Bellis is a security industry veteran and expert and known in security circles as “the father of risk-based vulnerability management.” He founded Kenna Security to deliver a data-driven risk-based approach to remediation and help IT teams prioritize and thwart would-be security threats. Ed is the former CISO of Orbitz and former Vice President, Corporate Information Security at Bank of America. He is an advisor to Dharma and former advisor to SecurityScoreboard.com and Society of Payment Security Professionals. Ed is a contributing author to the book, Beautiful Security (Oram, Andy & Viega, John, O’Reilly Media, 2009). He is a frequent speaker at industry conferences. Recent engagements include the 2017 Enterprise Security Summit (Dos and Don’ts of Establishing Metrics that Cultivate Real Security) and InfoSec World (Amateur Hour: Why APT’s Are the Least of Your Worries).