Johnathan Wilkes, John Anny (Palo Alto Networks)

By embracing automation, organizations can transcend manual limitations to reduce mean time to response and address exposures consistently across their cybersecurity infrastructure. In the dynamic realm of cybersecurity, swiftly addressing externally discovered exposures is paramount, as each represents a ticking time bomb. A paradigm shift towards automation to enhance speed, efficiency, and uniformity in the remediation process is needed to answer the question, "You found the exposure, now what?". Traditional manual approaches are not only time-consuming but also prone to human error, underscoring the need for a comprehensive, automated solution. Acknowledging the diversity of exposures and the array of security tools, we will propose how to remediate common external exposures, such as open ports and dangling domains. The transformative nature of this shift is crucial, particularly in the context of multiple cloud platforms with distinct data enrichment and remediation capabilities.

View More Papers

Vision: “AccessFormer”: Feedback-Driven Access Control Policy

Sakuna Harinda Jayasundara, Nalin Asanka Gamagedara Arachchilage, Giovanni Russello (University of Auckland)

Read More

GNNIC: Finding Long-Lost Sibling Functions with Abstract Similarity

Qiushi Wu (University of Minnesota), Zhongshu Gu (IBM Research), Hani Jamjoom (IBM Research), Kangjie Lu (University of Minnesota)

Read More

Sticky Fingers: Resilience of Satellite Fingerprinting against Jamming Attacks

Joshua Smailes (University of Oxford), Edd Salkield (University of Oxford), Sebastian Köhler (University of Oxford), Simon Birnbach (University of Oxford), Martin Strohmeier (Cyber-Defence Campus, armasuisse S+T), Ivan Martinovic (University of Oxford)

Read More

Maginot Line: Assessing a New Cross-app Threat to PII-as-Factor...

Fannv He (National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, China), Yan Jia (DISSec, College of Cyber Science, Nankai University, China), Jiayu Zhao (National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, China), Yue Fang (National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, China),…

Read More