2 Days to 2 Hours: Automating Application Vulnerability ManagementMichael Donaldson of Bay Dynamics on How to Reduce the Time to Mitigate Vulnerabilities
Not so many years ago, Michael Donaldson was managing a major application for a large enterprise, and when he learned of an unpatched vulnerability, it took him two days to investigate and confirm. With the right tools today, that would take two hours. Listen and learn how.
Donaldson, now a Solutions Architect with Bay Dynamics, describes his frustration at taking so long to investigate a vulnerability - a common experience for application managers in the day.
"Overall, it was a pretty lengthy, frustrating and embarrassing process, both being caught off guard and the amount of time [it took] ... to determine the real-time risk posture of my application," Donaldson says. "It took a couple of days, but I think the reality is that we had all the technology in place where the information that I needed was absolutely available in real-time."
In an interview about how to compress the time needed for vulnerability management, Donaldson discusses:
- The details of his two-day experience;
- The gaps he identified while undergoing that arduous process;
- How today's tools and processes can compress a two-day investigation into two hours.
Donaldson currently serves as a Solutions Specialist with Bay Dynamics for the Risk Fabric platform. Previously, he worked in various Governance, Risk, and Compliance (GRC) roles for seven years in two Fortune 100 health insurance companies where he had the opportunity to facilitate enterprise initiatives under the direction of the Chief Audit Executive, the Chief Compliance Officer, and the CISO.
With over 15 years of GRC and technology experience in the large enterprise space with both industry, and product & services suppliers, he brings a diverse background and unique perspective as he works to partner with large organizations to solve complex challenges.