CISO Trainings , Governance & Risk Management , Next-Generation Technologies & Secure Development

2 Days to 2 Hours: Automating Application Vulnerability Management

Michael Donaldson of Bay Dynamics on How to Reduce the Time to Mitigate Vulnerabilities
2 Days to 2 Hours: Automating Application Vulnerability Management

Not so many years ago, Michael Donaldson was managing a major application for a large enterprise, and when he learned of an unpatched vulnerability, it took him two days to investigate and confirm. With the right tools today, that would take two hours. Listen and learn how.

Donaldson, now a Solutions Architect with Bay Dynamics, describes his frustration at taking so long to investigate a vulnerability - a common experience for application managers in the day.

"Overall, it was a pretty lengthy, frustrating and embarrassing process, both being caught off guard and the amount of time [it took] ... to determine the real-time risk posture of my application," Donaldson says. "It took a couple of days, but I think the reality is that we had all the technology in place where the information that I needed was absolutely available in real-time."

In an interview about how to compress the time needed for vulnerability management, Donaldson discusses:

  • The details of his two-day experience;
  • The gaps he identified while undergoing that arduous process;
  • How today's tools and processes can compress a two-day investigation into two hours.

Donaldson currently serves as a Solutions Specialist with Bay Dynamics for the Risk Fabric platform. Previously, he worked in various Governance, Risk, and Compliance (GRC) roles for seven years in two Fortune 100 health insurance companies where he had the opportunity to facilitate enterprise initiatives under the direction of the Chief Audit Executive, the Chief Compliance Officer, and the CISO.

With over 15 years of GRC and technology experience in the large enterprise space with both industry, and product & services suppliers, he brings a diverse background and unique perspective as he works to partner with large organizations to solve complex challenges.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.