CISA’s Known Exploited Vulnerabilities (KEV) Catalog скачать в хорошем качестве

CISA’s Known Exploited Vulnerabilities (KEV) Catalog

Tod Beardsley (CISA, US), Elizabeth Cardona (CISA) Elizabeth Cardona is a vulnerability analyst in the Cybersecurity and Infrastructure Security Agency. Working within the Cybersecurity Division's Vulnerability Management Office, she specializes in vulnerability analysis. Elizabeth has helped implement the Stakeholder Specific Vulnerability Categorization (SSVC) and the Known Exploited Vulnerability Catalog (KEV) in CISA. As a former dentist and healthcare provider, Elizabeth has a unique perspective on cybersecurity connecting the human aspect and technology. Tod Beardsley is employed at CISA, the Cybersecurity and Infrastructure Security Agency, part of the US government. He's also a founder and CNA point of contact for AHA!. He spends most of his time involved in vulnerability research and coordinated vulnerability disclosure (CVD). He has over 30 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT ops, security, software engineering, and management positions in large organizations such as Rapid7, 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Tod is a CVE Board member has authored several research papers, and hosted the Security Nation podcast. He is also a Travis County Election Judge in Texas, and is an internationally-tolerated horror fiction expert. --- Join Tod Beardsley and Elizabeth Cardona, two experts on CISA’s Known Vulnerabilities and Exposures catalogue, or KEV, as they discuss the ins and outs of what KEV is, and perhaps equally illuminating, what it isn’t. Liz and Tod are both hands-on vulnerability analysts who are directly responsible for the KEV, so you won’t get any obfuscated double-speak platitudes here; this talk will most definitely delve into the technical details of what makes KEV tick. Perhaps most importantly, attendees will learn how they can help defend America’s cyber infrastructure by contributing to the KEV.