Explore a comprehensive vision for the future of network security in this 46-minute RSA Conference talk. Learn how standardized posture information collection and security automation can revolutionize network defense against intrusions. Understand the current challenges facing security professionals, including the impact of disconnected defensive systems. Discover a three-step approach to security automation and delve into practical solutions such as SWID tags for software identification and ROLIE for vulnerability management. Gain insights into event-driven posture collection, supply chain risk management, and the latest updates on the Security Content Automation Protocol (SCAP) 2.0. Apply these concepts to strengthen your organization's network defenses and stay ahead of evolving threats.
Overview
Syllabus
RSAConference 2019 San Francisco March 4-8 Moscone Center
Attacks Cause Collateral Damage
CIS Top 20
Security Automation in Three Simple Steps
How can we perform these steps?
What is an Endpoint?
Use SWID Tags to identify Software
Correlate Device Identities
Proposal #1: Collect Event-Driven Posture
Vulnerability Discovery, Exploitation and Remediation
ROLIE and its Use Cases
Leverage vulnerability information
Vulnerability Information and Supply Chain Risk Management
Vulnerability Management on the Network
Apply What You Have Learned Today
Security Content Automation Protocol (SCAP) 2.0 Update
Taught by
RSA Conference
