This will be a joint event with UMSA for Twin Cities Secure360 Fall Conference.
Registration is disabled here because links were sent via email to register directly with UMSA
- Speakers & Sponsor Spotlight
- Wrap Up
Jay Jacobs: Replacing CVSS: Remediating what Matters
Keeping up with vulnerability remediation is a universal challenge experienced by every organization. The onslaught of reported and discovered vulnerabilities makes prioritization essential and the lack of clear feedback makes prioritization tricky. CVSS is the de factor approach to ease the complexities of prioritization, but CVSS has largely gone unmeasured and unchallenged… until now. This talk begins with data on tens of thousands of vulnerabilities and combines billions of real-world exploitation events to both measure the performance of CVSS and to build a data-driven solution for the prioritization of vulnerability remediation efforts: the Exploit Prediction Scoring System (EPSS).
Nathan Larson: Static Analysis Pain Relief
Most people would put off a root canal until it’s absolutely necessary, and many treat a SAST scan the same way. It’s just another gate enforced by business and security to push through, another delay to seeing the development team’s awesome work in production. But it need not be that way.
This talk will provide ideas to make SAST less painful, and maybe even a task to look forward to. Including SAST as a continuous part of development reduces the workload from a huge undertaking during a test phase at the end of a project or sprint to a frequent check to confirm how good one’s code is. If taken the right way, developers can change their view of SAST from a task of drudgery to one that will help them write better, more solid code.
Are non-members and guests welcome at meetings and events?
Yes, we welcome individuals at large from the security community to join us for any of our events. We simply ask that, after experiencing the value of our community at two events, individuals consider joining ISSA for the additional benefits that membership provides.
Why do we have to register to attend meetings and events?
Besides assisting the board with planning logistics for our events, registering for meetings and events, provides you with self-service documentation you can print out to support your CPE credits if you are audited.
***Information/image release. By registering for this event, I agree that:
I am allowing my contact information included in the registration to be shared with MN ISSA and I may be contacted by MN ISSA
I grant MN ISSA and/or ISSA International the right to use any candid photos or videos taken during the event in future marketing and communication efforts, to include, but not limited to, websites, brochures, advertisements, magazines, newspapers, newsletters, emails, videos and web conferences.