[Owasp-Houston] OWASP Houston October Chapter Meeting - Monday October 17, 2016 at 6:30P

Joseph Konieczka joseph.konieczka at owasp.org
Wed Sep 21 17:32:01 UTC 2016

OWASP Houston October Chapter Meeting

Monday October 17, 2016 at 6:30PM

Title: Is Your Vulnerability Management Program Evolving? Introducing the
Vulnerability Management Maturity Model – VM3

Speaker: Gordon MacKay

Presentation Abstract:

Vulnerability management (VM) solutions and products that are central to
every information security program contain a serious “hidden” flaw. This
software flaw is interleaved within pattern matching-like algorithms
located deep within the foundational core of the most widely used automated
VM solutions on the market. As a direct consequence of this flaw, even
though these products report a certain level of network security risk, the
metric upon which their calculations are based is skewed, resulting in an
unintentional gap between the products’ intended information risk
measurement and the erroneous measurement actually reported. This session
covers the technical details of the referred to hidden flaw, its
consequences and what you can do to limit your exposure.

Speaker Bio

Gordon MacKay, CISSP, serves as CTO for Digital Defense, Inc. He applies
mathematical modeling and engineering principles in investigating solutions
to many of the challenges within the information security space. His
solution to matching network discovered hosts within independent
vulnerability assessments across time resulted in achieving patent-pending
status for the company’s scanning technology. MacKay has presented at
numerous security related conferences, including Bsides Austin 2016, BSides
San Antonio 2016, BSides Dallas 2015, RSA 2013, ISC2 San Antonio, ISSA
Houston, ISACA San Antonio, and has been featured by top media outlets such
as CIO Review, FOX Business, Fox News, Softpedia, IT World Canada and
others. He holds a Bachelor's in Computer Engineering from McGill
University. He is a Distinguished Ponemon Institute Fellow.

Building security requires the list of attendees with their full names by
the Friday prior to the meeting, so please signup by the Thursday before
the meeting.

Please use the following Eventbrite link to register for the meeting.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-houston/attachments/20160921/9d34aec0/attachment.html>

More information about the Owasp-Houston mailing list