Andrei Avădănei
CEO Bit Sentinel
Acting as CEO at BIT SENTINEL, a cyber security company, Andrei is the most well-known Romanian white hacker. His activity was presented during the last 10 years by all media channels in Romania (TV, print, online etc). He is certified as OSCE, OSCP and CISA.
Andrei is an active adviser & shareholder in various organizations and member in different local and European initiatives. He was also member of the Counselor Committee for GovITHub, a governmental initiative for digitalization of public institution from Romania where Andrei provided to the Romanian Government assistance regarding national IT strategies and digitalization.
Andrei has founded DefCamp – the biggest IT security conference in Central and Eastern Europe (more than 1800+ participants from 45+ countries and 60 speakers from all over the world). Andrei is also the President of Cyber Security Research Center from Romania, Bucharest (http://ccsir.org/ ).
In 2016 he was nominated in both New Europe 100 - a list built by Google and Financial Times presenting brightest and best people in Central and Eastern Europe and in Forbes 30 under 30. These nominations came after scoring high results in his activity related to Bit Sentinel.
Links
Applying DNN techniques to predict and prioritize cyber security vulnerabilities risk
For the past few years we've seen an increase in the number and complexity of cyber attacks. A decade ago you could have said that only large enterprise are being targeted. However, nowadays any device connected to the internet can become the victim of a cyber attack or a way in when attackers are looking for more complex cyber attacks. This mainly happens because cybercriminals have developed novel techniques to benefit from security breaches at scale: ransomware attacks, data leakage, cryptominning, DDoS as a service are just a few examples. Many times they will just use known vulnerabilities to exploit systems that didn't fixed the issues.
To better respond to these threats, the industry developed standards, such as CVE (Common Vulnerabilities and Exposures), a database with more than 120,000 entries of known vulnerabilities each containing an identification number, a description, and at least one public reference—for publicly known cybersecurity vulnerabilities.
Only in 2019 there were almost 20,000 reports making the job to asses and evaluate each finding quite difficult for maintainers. Most of the time the bugs are released weeks before they get the chance to be correctly evaluated by the maintainers of such a database, enough time for hackers to use the reported techniques to exploit vulnerable systems.
In this talk I will present some of the results we obtained at Bit Sentinel by applying Deep Neural Network and other Machine Learning techniques to predict CVSS (Common Vulnerability Scoring System) and CWE (Common Weakness Enumeration) but also ideas on how you can better prioritise vulnerability patching by predicting the exploitability likelihood when using Open Source Intelligence (OSINT).
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top