Explore a comprehensive analysis of asset management flaws and potential solutions in this 52-minute conference talk from BSides Chicago. Delve into the shortcomings of current remediation metrics and learn how to prioritize fixing vulnerabilities that truly matter. Examine the concept of live vulnerabilities and understand the importance of establishing a baseline. Discover why traditional asset management approaches fall short and gain insights into building a more effective model using ordinal scales and ground truth metrics. Investigate the benefits of improved asset management, including network placement strategies and optimal timing for vulnerability closure. Analyze the distinctions between userland and target attacks, and learn how to implement mitigating controls. Gain a deeper understanding of asset prioritization, exploring two types of criticality and methods for measurement. Conclude by addressing the challenge of classification in cybersecurity asset management.
Overview
Syllabus
Introduction
I am not a security professional
What I do have
More can happen than oil
Bad remediation metrics
Fix what matters
Live vulnerabilities
Baseline
The Takeaway
Why Asset Management Is Broken
The Ordinal Scale
The Data
Ground Truth Metrics
Riskiest Vulnerability
Building a Model
Ranking the Order
Why This Is Better
Asset Groups
Benefits of Asset Management
Models
Network Placement
When to close vulnerabilities
The numbers game
Userland vs target attacks
Mitigating controls
Asset prioritization
Two types of criticality
How to measure
The challenge classification
