Presentations from the foreseeti April Tech Meetup Webinar
On the 29 of April 2020 foreseeti and KTH held a very appreciated webinar about “Integrating securiCAD in your Dev(Sec)Ops and Vulnerability management”. Here are the presentations and films from the webinar.
Can the Common Vulnerability Scoring System be Trusted?
Assessing and managing cyber risk is central for businesses, but a highly complex task. One part of cyber risk is software vulnerabilities. The Common Vulnerability Scoring System (CVSS) is the state-of-the art system for assessing software vulnerabilities. However, it has been criticized for lack of validity and practitioner relevance. In this session Professor Mathias Ekstedt will present the findings of a thorough study assessing the credibility of the CVSS scoring data found in five leading databases – NVD, X-Force, OSVDB, CERT-VN, and Cisco.
Mathias Ekstedt, Prof. KTH Royal Institute of Technology, Stockholm, Sweden
Learn how to integrate securiCAD in your Automated Dev(Sec)Ops and Vulnerability Management
With a few lines of Python code and standard AWS libraries, you are now able to continuously simulate attacks on a virtual model of your AWS environment. This is an easy way to find security flaws, weak spots and misconfigurations in your AWS environment. You and your team can prioritize mitigation, actions and use your time and budget more efficiently.
Erik Ringdahl, Product Director, foreseeti
Does working remotely affect a company’s cyber security?
More and more employees are working remotely and connecting to their corporate network from all sorts of non-secure connections. foreseeti have together with a customer in the banking sector developed a model of an IT environment where we look at how working remotely can affect their Cyber security. Various scenarios of attack simulations were carried out on the model and evaluated together with the customer. The results clearly show how important it is to work with threat modeling and attack simulations. Joar Jacobsson will show how this analysis was done and how it can be done for your organization.
Joar Jacobsson, IT Security Consultant & Tutor, foreseeti