Prioritization: Likelihood, Impact, and KEV

So much of appsec's efforts can be consumed by vuln management and a race to patch security flaws. But that's more a symptom of the ease of scanning and the volume of CVEs. Erik Nost walks through the principles behind proactive security, why the concept sounds familiar to secure by design, and why organizations still struggle with creating effective practices for visibility.

Resources

• https://www.forrester.com/blogs/proactive-security-platforms-will-cumulate-visibility-prioritization-and-remediation/

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-375