|
394 | 394 | </span> |
395 | 395 | </a> |
396 | 396 |
|
| 397 | +</li> |
| 398 | + |
| 399 | + <li class="md-nav__item"> |
| 400 | + <a href="#francesco-cipollone-ceo-founder-phoenix-security" class="md-nav__link"> |
| 401 | + <span class="md-ellipsis"> |
| 402 | + Francesco Cipollone CEO & Founder Phoenix Security |
| 403 | + </span> |
| 404 | + </a> |
| 405 | + |
397 | 406 | </li> |
398 | 407 |
|
399 | 408 | </ul> |
|
1439 | 1448 | </span> |
1440 | 1449 | </a> |
1441 | 1450 |
|
| 1451 | +</li> |
| 1452 | + |
| 1453 | + <li class="md-nav__item"> |
| 1454 | + <a href="#francesco-cipollone-ceo-founder-phoenix-security" class="md-nav__link"> |
| 1455 | + <span class="md-ellipsis"> |
| 1456 | + Francesco Cipollone CEO & Founder Phoenix Security |
| 1457 | + </span> |
| 1458 | + </a> |
| 1459 | + |
1442 | 1460 | </li> |
1443 | 1461 |
|
1444 | 1462 | </ul> |
@@ -1466,6 +1484,11 @@ <h2 id="patrick-garrity"><a href="https://www.linkedin.com/in/patrickmgarrity/"> |
1466 | 1484 | <p>Within these pages, readers will discover valuable insights from a practitioner's perspective, empowering them to make informed risk decisions, prioritize CVEs effectively, and implement these principles within their own environments.</p> |
1467 | 1485 | <p>Chris skillfully combines human-based logic, represented by decision trees aligned with Stakeholder-Specific Vulnerability Categorization (<abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr>), with established open standards such as the Common Vulnerability Scoring System (<abbr title="Common Vulnerability Scoring System Standard. A framework for scoring the severity of vulnerabilities based on factors such as exploitability and impact.">CVSS</abbr>), <abbr title="Cybersecurity & Infrastructure Security Agency">CISA</abbr> Known Exploited Vulnerabilities (<abbr title="Cybersecurity & Infrastructure Security Agency">CISA</abbr> <abbr title="Known Exploited Vulnerability">KEV</abbr>), and the Exploit Prediction Scoring System (<abbr title="Exploit Prediction Scoring System">EPSS</abbr>). By doing so, he equips readers with a comprehensive understanding of how to leverage these standards effectively.</p> |
1468 | 1486 | <p>With a meticulous emphasis on data-driven analysis and recommendations, Chris provides depth and clarity that are essential for any modern vulnerability management program. This guide is an indispensable resource for security professionals seeking to enhance their approach to risk prioritization.</p> |
| 1487 | +<h2 id="francesco-cipollone-ceo-founder-phoenix-security"><a href="https://www.linkedin.com/in/fracipo">Francesco Cipollone CEO & Founder Phoenix Security </a><a class="headerlink" href="#francesco-cipollone-ceo-founder-phoenix-security" title="Permanent link">¶</a></h2> |
| 1488 | +<p>Security practitioners are currently inundated by vulnerabilities and the state of prioritization does not have any guideline on how to fix vulnerabilities and where to focus. </p> |
| 1489 | +<p>This guide is a brilliant starting point for any practitioner that wants to apply prioritization techniques and start making data driven and risk driven decisions. </p> |
| 1490 | +<p>As a practitioner myself, I wish I had such a guiding group and guidance when leading vulnerability management efforts. </p> |
| 1491 | +<p>Special Kudos to the <abbr title="Exploit Prediction Scoring System">EPSS</abbr> group and Chris Madden driving the initiative with an unbiased view and a clean, clear data driven approach. </p> |
1469 | 1492 |
|
1470 | 1493 |
|
1471 | 1494 |
|
|
0 commit comments