Menu
A+ A A-

ITBN 2013 - 1. nap - 2013-09-25

Előadás
Cím: Advanced Vulnerability Management - new approach to solve TOP critical controls
Előadó: Marek Skalicky Managing Director CEE, Qualys
Időpont: 11:15 - 11:40
Helyszín: 15. Terem
Témakörök:
Az előadás videója:
Az előadásról
Az ICT sérülékenység menedzsment az egyike a leginkább ajánlott biztonsági kontrolloknak, ennek ellenére a napi gyakorlatban gyakran megfeledkezünk róla. Az elmúlt években a SAN S Institute összeállította a "TOP 20 Critical Security Controls" listát, amely a legfontosabb és a leghatékonyabb IT biztonsági kontrollokat tartalmazza, azokat amelyek valóban működnek. Az előadásból megismerhetjük, hogy a QualysGuard rendszer hogyan nyújt támogatás a legfontosabb 6 kontroll megvalósításához és működtetéséhez.
About the presentation
ICT Vulnerability Management has been known for a while as one of the most recommended security best practice, but still seems to be overlooked in daily IT security routines and procedures. During past year SANS Institute introduced 'TOP 20 The Critical Security Controls' focusing on the most powerful security functions that are effective against the latest Advanced Targeted/Persistent Threats, with a strong emphasis on "What Really Works". How QualysGuard support functionality of TOP 6 most important SANS Controls using advanced approaches like Asset Tagging, Continuous Vulnerability Monitoring, Vulnerability Prediction Engine, Zero-Day Analyzer or 3rd generation of Web Application Scanner will be presented and demonstrated during live demo session afterwards.
Az előadóról
About the presenter
Marek Skalicky joined Qualys company in 2008 as Regional Account Manager for Eastern Europe with focus on CEE region business development but has been cooperating with Qualys since 2003 as a Security Consultant. Prior to Qualys Mr. Skalicky managed information security projects at company Risk Analysis Consultants for many enterprise customers in the Czech Republic with a focus on Information Risk Management, Vulnerability Management and the implementation of ISMS process based on ISO/IEC 2700X standards. He holds CRAMM, ISO 27001 Lead Auditor, CISM and CRISC certifications and he is a member of ISACA, OWASP and CSA local chapters.
A támogatóhoz kapcsolódó anyagok