Kenna Security is now part of Cisco

|Learn more

The Vulnerability Wheel of Pain Rolls in to NYC/NJ

Feb 3, 2011
Ed Bellis
Chief Technology Officer, Co-founder

Share with Your Network

Just a quick note to make those in the New York area aware, I’ll be bringing my BayThreat talk on standards such as SCAPand WASC-TC to OWASP New York and OWASP New Jersey. If you find yourself in town February 9th or 10th be sure to stop by to talk AppSec and vulnerability management. A synopsis of the presentation is below:

Using Open Standards To Break The Vulnerability Wheel Of Pain:Vulnerability management has become a painful repeating process of assessing, reporting, prioritizing and mitigating. Coined as the Hamster Wheel of Pain by Andy Jaquith, this process often includes teams of people slogging through a pile of spreadsheets trying to figure out what’s real, what’s important, and what was missed. By the time a security team gets through one spin of the hamster wheel they are already behind and the findings are piling up! By combining standards such as SCAP and the WASC Threat Classification with automation and workflow, teams can break out of the wheel of pain and make vulnerability management a viable effort across all layers of the stack.

Read the Latest Content

Research Reports

Prioritization to Prediction Volume 5: In Search of Assets at Risk

The fifth volume of the P2P series explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities.

5 Things Every CIO Should Know About Vulnerability Management

If you view vulnerability management (VM) as just a small part of your operation, it might be time to take another look.  Managing vulnerabilities is...



Get Started Using the Exploit Prediction Scoring System (EPSS).

Cyentia Institute’s Chief Data Scientist and Founder Jay Jacobs gives tips on how to get started using the Exploit Prediction Scoring System (EPSS). You...

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.