Webinar - Moving from Vulnerability Management Metrics to Risk Management Metrics in Your Security Organization

In today’s enterprise security landscape, many organizations are still using one-size fits all metrics to measure vulnerabilities, but different vulnerabilities pose dramatically different levels of risk to different organizations, making it more important than ever to understand your risk metrics.

Join John Whiteman, Oregon OWASP podcast host and James Dirksen, CEO of Predictive Vulnerability Management company DeepSurface Security in this lunch-provided, webinar to discuss:

  • Why organizations should move from a vulnerability metrics model to a risk metrics model
  • How companies can better measure risk posed by vulnerabilities and how to use risk metrics to better communicate with your C-Suite
  • Why you should use automation to filter out vuln noise, prove objectively that some vulns labeled “critical” pose no risk to your organization (and how fixing them could actually increase risk), and make objectively better, more informed decisions using risk.

Attendees will be provided with a free, delivered lunch, and their organizations will be eligible for a no-cost risk-based assessment of their enterprise network. This “test-drive” of the DeepSurface platform will prioritize vulnerabilities in your network with objective, documented proof of the relative risks of each vulnerability. This service is valued up to $40,000.


When: Nov 18, 2020 12:00 PM

Where: Zoom Video Conference

Save your spot for the live event.


About the Speakers


James Dirksen, CEO & Co-founder

James Dirksen
James Dirksen is co-founder and CEO of DeepSurface Security, the first automated Predictive Vulnerability Management suite of tools that helps enterprises protect their organizations from cyber risk. A serial entrepreneur and accomplished executive, James brings a unique blend of leadership in the private and public companies to DeepSurface. After beginning his early career as a cybersecurity practitioner at Northrup Grumman and PriceWaterHouseCooper (PwC), he went on to found and be VP of Sales and Product at RuleSpace, an early SaaS product powering website categorization services for cybersecurity companies that was acquired by Symantec in 2010. After selling RuleSpace, he moved on to serve as VP of OEM Products at Procera Networks (now Sandvine) providing software DPI solutions used in cybersecurity products worldwide, and most recently served as Formaltech's president, spearheading efforts to transition DARPA-funded cybersecurity prototypes to commercial use. Based in Portland, Oregon, James is also a board member and advisor to several startups.

Follow James on Twitter. Connect on LinkedIn.


John Whiteman, Senior AppSec Engineer

John Whiteman
John L. Whiteman is a senior appsec engineer with over 20 years experience in high-tech. He has held roles as a security researcher, product security expert, and web application security engineer. He is the outreach coordinator and podcast host for the OWASP chapter in Portland, Oregon. John teaches cybersecurity as an adjunct instructor at the University of Portland. He has given security talks at various venues, holds multiple security certifications and is a veteran of the United States Navy.

More About DeepSurface Security

With DeepSurface, enterprise security teams are better able to find, measure and address the real risk on their networks—and they can do it faster and cheaper than ever before.

To make it all possible, DeepSurface does automated reconnaissance and deep inspection of enterprise networks to gather all the context needed to find risk, produce highly-detailed threat models, and give the teams actionable intelligence. DeepSurface does all this without agents and from a central console that makes deployment extremely fast and easy. DeepSurface integrates seamlessly with legacy vulnerability scanners, SIEMs, and IT ticketing systems. Having objective measures of risk and actionable intelligence allows teams to move faster, make more strategic decisions, and reduce actual risk much faster.

To make all this possible we formed a world class team of employees and advisors who understand the risks of cybersecurity threats with experience from established cyber security companies like Tenable, Palo Alto Networks, Symantec, Galois, and Tripwire. Together we’re building a next generation solution for the rapidly-changing realities of modern vulnerability management. Here’s a look at the backgrounds and experiences of the people leading the charge at DeepSurface Security:


DeepSurface’s Board of Advisors includes cybersecurity and market experts with executive experience at leading companies:

Dwayne Melancon: Former Chief Technology Officer at Tripwire
Dave Cole: Former Chief Product Officer at Tenable
John Ewert: Former VP Finance at Palo Alto Networks
Rob Wiltbank: Chief Executive Officer at Galois, Inc
Keith Wymbs: Former Chief Marketing Officer at Elemental/Amazon


About DeepSurface Security

DeepSurface Security (www.deepsurface.com) is the first automated Predictive Vulnerability Management suite of tools that helps cybersecurity teams automate the process of analyzing and prioritizing vulnerabilities on enterprise networks. Created by a veteran cybersecurity team, DeepSurface Security is trusted by enterprise companies to identify, prioritize, and research vulnerabilities in their networks. Headquartered in Portland, Oregon, DeepSurface is a privately held company funded by Cascade Seed Fund, SeaChange Fund, and Voyager Capital. To learn more visit www.deepsurface.com.