Automating Remediation: Accelerating Mean Time to Response for Externally Discovered Exposures

Johnathan Wilkes, John Anny (Palo Alto Networks)

By embracing automation, organizations can transcend manual limitations to reduce mean time to response and address exposures consistently across their cybersecurity infrastructure. In the dynamic realm of cybersecurity, swiftly addressing externally discovered exposures is paramount, as each represents a ticking time bomb. A paradigm shift towards automation to enhance speed, efficiency, and uniformity in the remediation process is needed to answer the question, "You found the exposure, now what?". Traditional manual approaches are not only time-consuming but also prone to human error, underscoring the need for a comprehensive, automated solution. Acknowledging the diversity of exposures and the array of security tools, we will propose how to remediate common external exposures, such as open ports and dangling domains. The transformative nature of this shift is crucial, particularly in the context of multiple cloud platforms with distinct data enrichment and remediation capabilities.

View More Papers

Separation is Good: A Faster Order-Fairness Byzantine Consensus

Ke Mu (Southern University of Science and Technology, China), Bo Yin (Changsha University of Science and Technology, China), Alia Asheralieva (Loughborough University, UK), Xuetao Wei (Southern University of Science and Technology, China & Guangdong Provincial Key Laboratory of Brain-inspired Intelligent Computation, SUSTech, China)

MirageFlow: A New Bandwidth Inflation Attack on Tor

Christoph Sendner (University of Würzburg), Jasper Stang (University of Würzburg), Alexandra Dmitrienko (University of Würzburg), Raveen Wijewickrama (University of Texas at San Antonio), Murtuza Jadliwala (University of Texas at San Antonio)

EnclaveFuzz: Finding Vulnerabilities in SGX Applications

Liheng Chen (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Institute for Network Science and Cyberspace of Tsinghua University), Zheming Li (Institute for Network Science and Cyberspace of Tsinghua University), Zheyu Ma (Institute for Network Science and Cyberspace of Tsinghua University), Yuan Li (Tsinghua University),…

On the Feasibility of CubeSats Application Sandboxing for Space...

Gabriele Marra (CISPA Helmholtz Center for Information Security), Ulysse Planta (CISPA Helmholtz Center for Information Security and Saarbrücken Graduate School of Computer Science), Philipp Wüstenberg (Chair of Space Technology, Technische Universität Berlin), Ali Abbasi (CISPA Helmholtz Center for Information Security)