ON-DEMAND WEBINAR

Rethinking Vulnerability Prioritization: Beyond CVSS

As attackers evolve, so must the strategies for identifying and prioritizing vulnerabilities. This webinar, led by Jay Jacobs, co-founder of Cyentia Institute and one of EPSS's creators, and Guillaume Ross, Deputy CISO at JupiterOne, will delve into Cyentia Institute's latest research, addressing the limitations of traditional vulnerability management methods like CVSS, and providing attendees with insights on integrating EPSS into their security practices.

What You'll Learn

Today’s threat landscape requires the rapid identification and prioritization of vulnerabilities to keep pace with attackers. Traditional methods, such as the Common Vulnerability Scoring System (CVSS), have shown to be ineffective for vulnerability management. Despite this, many organizations continue to rely on CVSS scores to shape their vulnerability prioritization strategies.

This webinar deep dives into the emerging trend of utilizing the Exploit Prediction Scoring System (EPSS). EPSS is beginning to change the way we approach vulnerability management by providing a probability that a specific CVE/vulnerability will be exploited within the next 30 days. This dynamic and predictive framework offers a significant advantage over static CVSS scores.

Join Jay Jacobs, Co-founder at Cyentia Institute and one of the creators of Exploit Prediction Scoring System (EPSS) and Guillaume Ross, Deputy CISO at JupiterOne to explore the latest findings from Cyentia Institute's research, "A Visual Exploration of Exploitation in the Wild". This session will provide valuable insights into how EPSS can enhance your organization's security posture by prioritizing vulnerabilities based on their likelihood of exploitation.

Key Takeaways:

  • Understand the limitations of CVSS in modern vulnerability management
  • Learn about the Exploit Prediction Scoring System (EPSS) and its benefits
  • Gain insights from Cyentia Institute's inaugural study on EPSS data and performance
  • Discover practical strategies to integrate EPSS into your vulnerability management processes
  • Q&A session with cybersecurity experts

Haven't read the report? Get your copy here.

Jay Jacobs

Jay Jacobs
Co-founder and Chief Data Scientist
Cyentia Institute

Guillaume Ross

Guillaume Ross
Deputy CISO
JupiterOne

Jay_Jacobs
Jay Jacobs

Jay is a Co-founder and Chief Data Scientist at Cyentia Institute, a research firm dedicated to advancing the state of information security knowledge and practice through data-driven research.  Jay is the lead data scientist for the Exploit Prediction Scoring System (EPSS) and is co-chair of the EPSS special interest group at FIRST. Jay is also a co-author of “Data-Driven Security”, a book covering data analysis and visualizations for information security professionals. Connect with Jay on Linkedin.

guillaume_ross
Guillaume Ross

Guillaume has been a security practitioner for over a decade, building on prior experience working in enterprise IT. With experience in multiple cyber security companies,  he's also worked on the blue-team side for large organizations and startups, and really enjoys challenging preconceived ideas. Why do something because everyone else is, or because we've always done it this way? Let's prove it's useful first! Connect with Guillaume on LinkedIn.