Building a holistic VRM strategy that includes the application layer

These days, it’s crucial to quickly evolve beyond attacker methods. A successful VRM program should provide enhanced visibility into web applications as well as traditional on-prem and cloud infrastructure.


Feb 16, 2021
Building a holistic VRM strategy that includes the application layer

Sandy Carielli: Principal Analyst, Security and Risk Professionals, Forrester
James Thompson: Information Security Manager, Hypertherm

As IT ecosystems evolve, so do attackers. Exploitation can happen anywhere across the modern attack surface, from on-premises and cloud infrastructure to web applications. So the scope of your vulnerability risk management (VRM) program can no longer be limited to critical infrastructure.

Web apps have grown in complexity and volume over the past several years, while also becoming the attack vector of choice for threat actors capitalizing on emergent technologies. This is a trend that will only persist and evolve, so it’s crucial to extend your testing strategy to practices and languages utilized by your development team. In short: Managing your overall risk must extend to weaknesses in your applications and APIs, not just the structures on which they’re built.

In this webcast, you’ll learn:

  • Sandy and James’ thoughts on extending a holistic VRM approach to the application layer
  • Best practices and common challenges for a sound VRM strategy
  • How James uses both InsightVM and InsightAppSec to secure every layer of the modern environment
  • Why it’s so important to have mitigating controls in place for possible exploitation

February 16, 2021 8:30am IST / 11:00am SGT / 2:00pm AEDT / 4:00pm NZDT

Register for the webcast.

Our response to the COVID-19 pandemic

Read our commitment