Contact Us   |   Print Page   |   Sign In   |   Join Now
April 2016

The Sky is Falling... CVE-2016-9999(nth)?

2-Hour live event Tuesday, April 26, 2016

Start Time: 9:00 a.m. US-Pacific/ 12:00 p.m. US-Eastern/ 5:00 p.m. London

Click here to view the recording.
Click here to take the CPE quiz.
Click here to view the slides.


We have all heard about the US National Vulnerability Database. This database appears to be a great, if not depressing, tool. Since its creation there have been 76,000 CVEs posted. In just the last year there were 7,029 posted; and so far this year there have been more than 1,700 CVEs published. This raises the question, when will it stop? What can we do to stop it? Are there any strategies we might employ or things we could do to mitigate the impact of the vulnerabilities?


Matthew Mosley

Director of Product Management, Symantec; NOVA Chapter, ISSA Web Conference Committee

Matt Mosley has been working as a security professional for more than 20 years in roles within corporate IT and risk management, strategic consulting, and product development. In his current role with Symantec, Matt is responsible for product strategy for managed security services. Prior to this role, Matt held senior leadership roles with leading security firms including NetIQ, Internet Security Systems, Intellitactics and Brabeion Software. Matt holds the CISSP, CISM, and CISA designations, teaches CISSP courses for ISSA-NOVA, and is a frequent speaker at security conferences.


Joshua Corman

Joshua Corman is a Founder of I am The Cavalry (dot org) and Director of the Cyber Statecraft Initiative for the Atlantic Council. Corman previously served as CTO for Sonatype, Director of Security Intelligence for Akamai, and in senior research & strategy roles for The 451 Group and IBM Internet Security Systems. He co-founded @RuggedSoftware and @IamTheCavalry to encourage new security approaches in response to the world’s increasing dependence on digital infrastructure.

Josh's unique approach to security in the context of human factors, adversary motivations and social impact has helped position him as one of the most trusted names in security. He also serving as an adjunct faculty for Carnegie Mellon’s Heinz College and on the 2016 HHS Cybersecurity Task Force.

Jon Miller

Jon Miller is the Chief Resource Officer for Cylance, a maker of next-generation anti-virus software and provider of breach incident response and other professional services. He leads Cylance through insight and direction around technology, partnerships, research and market opportunities. He was previously a vice president with Accuvant, where he built and led threat research and customer engagement services. Prior to that he spent five years on the X-Force professional services team of Internet Security Systems.

Miller is a well-known hacking expert who gave his first public talk at DEF CON at age 20. Jon started his career in information security in his early teen years, focused on studying Internet technology, running Linux servers and consulting for small businesses. He came to see computer hacking as nothing more than knowing a system well enough to subvert controls by figuring out alternate paths. He became hooked on studying hacking after attending his first DEF CON in Las Vegas at the age of 16 and spoke at the conference for the first time four years later. By then, he was focused on working as an information security professional, performing penetration tests and security assessments for small businesses just starting to establish their Internet presence.

In 2003, at age 21, Jon joined the X-Force professional services team at Internet Security Systems, a pioneer in penetration testing and incident response. In 2007 he joined Accuvant, then a small regional value-added reseller. He built and ran Accuvant Labs, which provided high-quality technical consulting, including vulnerability researchers and penetration testing. By 2012 Accuvant Labs employed more than 100 consultants and researchers delivering services to Fortune 1000 companies and government intelligence agencies. The unit’s groundbreaking research spawned dozens of industry talks. In 2014, Jon joined Cylance to work with two of his longtime role models, Stuart McClure, and Ryan Permeh, in their quest to create a new security product capable of identifying and blocking increasingly pernicious breeds of malicious software.

Jon has delivered dozens of public talks at security and technology conferences including Black Hat , DEF CON, IEEE and ToorCon. He has been featured in publications including Forbes, Huffington Post and Rolling Stone. He has appeared on “60 Minutes” and Fox News.

Jon serves on advisory boards to Built Games, DirectDefense and IronSkye.

Community Search
Sign In


6/20/2019 » 6/21/2019
2019 Triad of NC ISSA Security Summit

ISSA International Series: Privacy - GDPR a Year Later

ISSA International Series: Security Standards Organizations - The good, the bad, and the ugly?

ISSA International Series: Legislative Aspects

ISSA International Series: New Trends in Security- Outsourcing and Other Tech

Copyright © 2016, Information Systems Security Association, All Rights Reserved
Privacy PolicyCopyright Information