Platform
Resources
Company
Request demo
Platform
Resources
Company
Request demo

Factors in Prioritization

October 27, 2022
Factors in Prioritization
Description

Prioritizing threat/vulnerability findings takes thought, a satellite cam, and a microscope if you don't have an AppSecOps platform at work. There's a lot to consider: criticality variance across tools (they don't come normalized out of the box), threat intelligence on CVEs, and tool/technique weight factors for starters. A major concept is the context around the app/sub-app/module associated with a finding. The software's dependencies, environment, provenance, and the sensitivity of its data are just a few values that affect priority.

Resources

About the Guest

Mark Lambert
Mark Lambert
VP of Products, Armorcode
Linkedin Logo
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor
Read more
Mark Lambert
Mark Lambert
VP of Products, Armorcode
Linkedin Logo
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor
Read more

Watch the episode here

Available on:

Location
2100 Geng Road, Suite 210,
Palo Alto, California, 94303,
United States of America.
Platform
Why AppSecOps?
Platform overview
Integrations
Use Cases
Application Security Posture Management (ASPM)
Unified Vulnerability Management (UVM/RBVM)
Application Security Orchestration and Correlation (ASOC)
DevSecOps Orchestration and Automation
Company
About
Community
Partners
News
Events
Contact
Careers
Resources
Resource Library
Blogs
Podcasts
SOC 3
Copyright © 2023. All rights reserved.  Privacy Policy | Terms of Use | Security
Platform
Resources
Company
Request demo
Episode 8

Factors in Prioritization

Prioritizing threat/vulnerability findings takes thought, a satellite cam, and a microscope if you don't have an AppSecOps platform at work. There's a lot to consider: criticality variance across tools (they don't come normalized out of the box), threat intelligence on CVEs, and tool/technique weight factors for starters. A major concept is the context around the app/sub-app/module associated with a finding. The software's dependencies, environment, provenance, and the sensitivity of its data are just a few values that affect priority.

Resources
Apple Podcasts
Google Podcasts
Amazon Music
Audible
Spotify
Stitcher
YouTube
PlayerFM
Pocket Casts
iHeartPODCASTS
TUNEIN
Further listening
Episode 39
Expert Experiences: Nuno Loureiro
Episode 38
From Data to Context
Episode 37
Your ASOC Story
Episode 36
GSA.gov on Application Security Testing

Subscribe for updates

Please enter a business email
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Location
2100 Geng Road, Suite 210,
Palo Alto, California, 94303,
United States of America.
Platform
Why AppSecOps?
Platform overview
Integrations
Use Cases
Application Security Posture Management (ASPM)
Unified Vulnerability Management (UVM/RBVM)
Application Security Orchestration and Correlation (ASOC)
DevSecOps Orchestration and Automation
Company
About
Community
Partners
News
Events
Contact
Careers
Resources
Resource Library
Blogs
Podcasts
SOC 3
Copyright © 2023. All rights reserved.  Privacy Policy | Terms of Use | Security