Puppetize PDX 2019

We’re fighting an asymmetric battle. The number of vulnerabilities continues to increase exponentially. We need to prioritise and remediate the most critical vulnerabilities to keep our businesses secure and we need to be right all the time. An attacker only needs to be right once. It’s a numbers game. Today, you hope you are not the slowest in the herd, and the attacker moves onto someone else. What if we could tip the scales in favour of the defender?

Blackhats work together on chat forums and the dark web to share the latest exploit kits and attack techniques. IT Ops teams, however, work in isolation because there are no mechanisms for them to collaborate with other Ops teams at other companies dealing with the same vulnerability. When the next vulnerability like ShellShock, WannaCry or BlueKeep is announced, we will all go off and solve it independently. Why? None of us make a profit from remediating vulnerabilities. It costs all of us time and money—lots of it—and we’re all solving the same problem a thousand times over. What if we shared the work by creating solutions to vulnerabilities as a community? We could use our collective expertise and strength in numbers to combat the attackers.

There are more defenders than attackers out there, so we can win this battle. Join the fight with us and learn how Puppet is forming and facilitating a community of defenders.