Taking an Application-Centric Approach to Attack Surface Management with a Live Demonstration Showing How to Start Assessing and Analyzing Applications for DAST Vulnerabilities

Webinar Registration

You’re tasked with managing and reducing risk across an ever-growing and changing attack surface. The bad guys are looking for innovative ways to take advantage of vulnerabilities in more applications than ever before. This has caused the scope of vulnerability management to grow well-past just critical systems to now include both local and on-premises infrastructure, cloud-based and virtualized assets and services, as well as – most critically – now the application layer.

Currently this effort is fragmented requiring numerous teams and causing most organizations to adopt multiple point solutions. Conversely, attackers aren’t siloed in their approach to exploitation; even basic reconnaissance includes gathering potential points of exploitation across the entire stack.

The next evolution in attack surface management and vulnerability programs must also be an integrated approach where risk is managed and accountability organized around an application AND the associated infrastructure.

In this real-training-for-free session, Microsoft MVP and cybersecurity expert Nick Cavalancia takes my seat, and will first discuss:

  • Why Vulnerability Management needs to expand
  • Challenges to expanding to include applications and infrastructure
  • What MITRE has to say about application security

Nick will then be joined by Devin Krugly, Practice Advisor for the VRM Practice, Garrett Gross, Technical Advisor, Application Security and Justin Prince, Technical Advisor – Vulnerability Risk Management (VRM), all from Rapid7.

Devin and Justin will discuss why traditional attack surface management programs need to change, including:

  • Chipping away at the legacy siloed approach, including methods to initiate change
  • Unanticipated benefits of a coordinated program that attacks the full stack from applications to kernel
  • Deriving meaningful reporting that supports actionable results

Garrett will then demonstrate how to configure and run a Dynamic Application Security Test (DAST), stepping through how to facilitate authenticated scans through validation of the identified vulnerabilities.

This real training for free event will be jam packed with technical detail and real-world application. Register today!

First Name:   
Last Name:   
Work Email:  
Job Title:  

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.



Upcoming Webinars
    Additional Resources