Vulnerability Cognition:
Adding Psychology to VulnMgmt Programs

OVERVIEW

Vulnerability Management continues to be more and more complex, especially with large sprawling API’s, containers and serverless deployments, and introducing a CI/CD pipeline. With all of these factors, it is increasingly important to understand psychological concepts behind VulnMgmt programs. Without understanding mental workloads, cognition, and perception, it will continue to be a struggle to keep up on vulnerabilities. With the numerous vulnerability scoring metrics, increasing severity and exploitability, blue teams must consistently learn about new exploits and what that means to their environments. This session will cover what “Vulnerability Cognition” is, how it affects VulnMgmt programs, and how Blue Teams can use these skills to increase awareness and effectiveness in their VulnMgmt programs.