Software Engineering Institute

In this talk we will discuss some of the challenges of legacy approaches to vulnerability management. We will discuss how they create toil, resentment and further build silos between Development, Engineering and Security, running counter-productive to the push for DevSecOps. We will then dive into how to go about modernizing vulnerability management, minimize toil and focus on real risks to the mission and organization and truly empower cybersecurity to function as a business enabler.