BSidesSF 2023 - When is a vulnerability not a vulnerability? Overcoming the... (Adam Berman)

When is a vulnerability not a vulnerability? Overcoming the inundation of noisy supply chain security alerts
Adam Berman

This talk presents a counterintuitive approach to strengthening security: one that ignores over 90% of security vulnerability alerts. Using specific examples, it illustrates how orgs can ignore alerts with high confidence, and how this enables a marked shift in security workflows and behavior.

https://bsidessf2023.sched.com/event/1JrCj/when-is-a-vulnerability-not-a-vulnerability-overcoming-the-inundation-of-noisy-supply-chain-security-alerts

adam alerts security security alerts security vulnerability supply supply chain supply chain security vulnerability