Keynote of TestIstanbul 2022

Vulnerability and Risk Management Principles: How to Secure Complex and Diverse Environments including IoT and Modern Infrastructure

As we increasingly depend on technology to meet our daily needs from networking with each other to shopping and banking online, technological infrastructure around the world becomes more complex and diverse. This creates vast opportunities for bad actors to more easily attack our digital lives, interfering with our privacy, stealing our wealth, and risking our safety. Therefore, it is extremely important for governments and private companies to take strong cybersecurity measures to protect us and our data. These measures not only apply to traditional computers and servers, but also to the cloud services/infrastructure, web/mobile applications and even the connected devices (or IoT) we interact with.

One of the most common and effective cyber defense mechanisms is to implement vulnerability and risk management practices and tools. These help companies identify cyber risks within their environments and provide the necessary mitigation methods, such as instructions to upgrade outdated and vulnerable software they may be using. As more companies rely on cloud technologies, how those cloud services are set up and configured become more and more important to ensure security. Similarly, as the amount of mobile and IoT devices in corporate and manufacturing environments as well as in our lives increase, ensuring their security becomes paramount for overall security. Effective vulnerability and risk management programs help improve the security posture across the entire landscape.

In this presentation, we’ll review and discuss the vulnerability and risk management principles to secure digital environments from traditional systems to modern infrastructures and IoT.

About Bulut Ersavas

Bulut is the Director of Product Management responsible for Vulnerability Management, Application Security and Offensive Security at Rapid7. He works very closely with companies around the globe to understand their cybersecurity challenges and, together with his team, leads the design, implementation and delivery of cutting-edge security solutions.

Prior to joining Rapid7, he founded an IoT technology company building a cloud-native agricultural intelligence solution called ClimateMinder, which was acquired by an industry leader, Rain Bird Corporation, in 2012. With the ClimateMinder venture, Bulut received three US patents on methods and systems for irrigation control. In addition, he was named a 2014 JCI Ten Outstanding Young Persons of the World (JCI TOYP) recipient in the category of business,

economic and/or entrepreneurial accomplishment for his extraordinary work advancing farming technology and efficiency.

Bulut is married with two kids and lives in Los Angeles, California. He is passionate about mentoring young product managers and entrepreneurs as they build high impact ventures and disruptive tech solutions. During his free time, he loves traveling, enjoys motorsports and plays soccer with his friends.