This is the second of a two-part interview. Part one: https://www.scworld.com/resource/the-evolution-of-soar-from-legacy-to-next-gen-platforms
Vulnerability management has long been a thorn in the side of security teams, with a seemingly endless stream of vulnerabilities to track and limited resources to address them.
In a conversation with Adrian Sanabria, host of the Enterprise Security Weekly podcast, Matt Muller, Field CISO at Tines, sheds light on the new and persistent challenges facing organizations in this domain. Muller notes that the core issues, such as the sheer volume of vulnerabilities, the difficulty in distinguishing critical from non-critical ones, and the struggle to get timely patching, have remained largely unchanged for decades.
The frustration is compounded by research reports that often indicate only a small percentage of vulnerabilities truly matter, leaving security teams unsure of where to focus their efforts.
The solution, according to Muller, lies in leveraging workflow automation tools like Tines.
By integrating disparate data sources, adding enrichment context, and automating remediation processes, security teams can significantly reduce the manual workload and focus on the vulnerabilities that pose the greatest risk. Importantly, Muller emphasizes the value of collaboration between security and IT teams, with automation enabling seamless handoffs and shared visibility.
Ultimately, the key to overcoming the persistent challenges in vulnerability management is to embrace automation and foster cross-functional cooperation.
As Muller suggests, "angry automation" – addressing the most frustrating manual tasks first – can be a powerful starting point for security teams looking to regain control and improve their vulnerability management posture.
