Factors in Prioritization
Fetch error
Hmmm there seems to be a problem fetching this series right now. Last successful fetch was on October 29, 2023 11:13 ()
What now? This series will be checked again in the next day. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.
Manage episode 345411654 series 3381076
Prioritizing threat/vulnerability findings takes thought, a satellite cam, and a microscope if you don't have an AppSecOps platform at work. There's a lot to consider: criticality variance across tools (they don't come normalized out of the box), threat intelligence on CVEs, and tool/technique weight factors, for starters.
A major concept is the context around the app/sub-app/module associated with a finding. The software's dependencies, environment, provenance, and the sensitivity of its data are just a few values that affect priority. That context dictates resource alignment, while risk scoring influences specific tactical activities thereafter.
About ArmorCode
We develop, sell, and deliver the world’s first and leading AppSecOps platform to our customers, along with the expertise, support and community they need to ship secure software and ship it fast. The ArmorCode platform brings together powerful AppSec Posture, Vulnerability, and Compliance Management with DevSecOps workflow automation.
_____________________________________________________
Follow us
www.armorcode.com
LinkedIn: https://www.linkedin.com/armorcode
Twitter: https://twitter.com/code_armor
_____________________________________________________
About AppSecOps
What is AppSecOps? https://www.armorcode.com/what-is-appsecops
The State of AppSecOps Report: https://www.armorcode.com/state-of-appsecops-2022
AppSecOps Research from Enterprise Strategy Group: https://www.armorcode.com/esg-appsecops-showcase
8 قسمت