Wednesday 22 April 2026, 11am-12noon (GMT)

Vulnerability management has undergone several evolutions, starting with the age of detection – automated scanners (SAST, DAST, SCA), penetration testing, bug bounty programs, and more. As a result, security dashboards have become like forests of Christmas trees, overloaded with an inhuman volume of vulnerabilities. This led to the rise of prioritisation, aligning security efforts with actual business risks. Given the impossibility of fixing every potential or even confirmed vulnerability, strategic focus became essential: Fixing what matters most.

However, detection and prioritisation are still reactive measures. To stay ahead of attackers, we must go further. Assuming fixes are applied in a timely manner, the next frontier in proactive security is prediction.

In this session, Nicolas highlights the innovative concept of assessing an asset’s attractiveness rather than simply listing its vulnerabilities. Which assets are more tempting to attackers – the “shark bait”? Understanding your attack surface is key to ensuring efficient and proactive risk monitoring.

If you are a member of ISACA, ICA, CIISec or The Security Institute, you can earn CPE/CPD points for attending our webinars live. Remember to log your attendance with your provider to be credited.

Guest chaired by

Kurt Yearwood (info) Supply Chain Security Assurance Officer, BAE Systems

Presented by

Nicolas Mattiocco (info) CEO & Cyber Security Researcher, Patrowl

By registering for this webinar you agree:

• The speakers’ organisations may use your details to enhance your experience and email you further information of interest. Please see our Privacy Policy for further details. 
• To follow the standard of behaviour set out in SASIG’s Safe Space Charter. 

Register for this webinar as a guest

Don’t have a website account?

Review the advice on using Zoom and other webex platforms securely here.