Vulnerabilities, Malwares and Beyond: Threat Modelling For a More Efficient Security

No ratings

Presented at UNITED Security Summit 2012 by

Claudio Guarnieri

Vulnerabilities are the vehicle, malware is the goal. In 2011, more than 5000 vulnerabilities had a CVE assigned, but how many of them and which ones are being used in the wild and why? In this presentation we will take a look at the role of vulnerabilities and exploits in the cyber-crime and espionage businesses, and how they relate to the malware world. Understanding their relation and how they coexist in the criminal ecosystem is important for defining threat models and improving our security practices (and better justifying your budget to your executives).