ConnectSecure Workshop

Beyond Patching: Risk-First Vulnerability Management

Register Now
ConnectSecure Workshop

Beyond Patching: Risk-First Vulnerability Management



Register Now

Lead the shift from reactive security to modern risk reduction

Move beyond reactive security, patching, and traditional perimeter thinking. This 2.5-hour workshop is built for service providers ready to lead with structure and precision. You’ll learn how to deliver a comprehensive vulnerability management program—one that combines BIA-driven policy, prioritized remediation, and third-party risk management (TPRM) into a scalable, client-facing service. Through hands-on labs, real-world frameworks, and certification, you’ll walk away with the tools and confidence to start reducing risk under modern security leadership.
Register Now
workshop

Join the workshop and receive a Risk-First VM Launch Kit

Leave the workshop with the tools you need:

  • Vulnerability Management Program Template
  • Vulnerability Management Policy Template
  • Declination of Services Template / MSA Template
  • Marketing Brief (Client-Facing)
  • Slide Deck for Executive Overview
Choose Session

Moderators

Brian_Blakely

Brian Blakely

Chief Strategy Officer
Compliance Scorecard
Ryan Seymour headshot

Ryan Seymour

VP Consulting and Education
ConnectSecure

Panel Guests

austin_timberlake

Austin Timberlake

DFIR & vCISO
Cyber74
Jeremy_Pogue

Jeremy Pogue

Director of Security Services
Integris
Justin_Parker

Justin Parker

Manager, Technical Accounts
Meriplex

Workshop Agenda

Duration Segment Objective Speaker
0:00 – 0:05 Kickoff Welcome, introductions, and a look ahead at the agenda. Ryan, Brian, Panel
0:05 – 0:35 Risk-First VM Foundations Redefine vulnerability management through a risk-first lens. Explore the foundational frameworks that support modern service delivery—CIS, CDM, and patch management vs vulnerability management. Close with a walkthrough of the VM Program as the anchor for a scalable program. Ryan
0:35 – 1:05 BIA-Driven Policy Building Learn how to map business impact into technical policy. This session walks through aligning asset criticality with BIA outputs to define risk tiers, policy boundaries, and decision logic that supports measurable vulnerability management outcomes. We will also discuss the impact and rise of Third-Party Risk Management (TPRM). Brian
1:05 – 1:15 Prioritization Strategies Turn risk data into action. Learn how to combine BIA-driven risk tiers with external threat intelligence (EPSS, KEV, etc.) to build defensible prioritization models and structured alerting strategies. Ryan, Brian
1:15 – 1:25 Break 1 Refresh and reset.
1:25 – 1:45 Hands-On Lab: Vulnerability Management Apply risk-first principles in a live environment. Execute scans, interpret results, and practice prioritization techniques using a hands-on vulnerability management policy. Group
1:45 – 2:00 Certification Assessment Demonstrate comprehension of core concepts through a scored knowledge check. Assessment reflects real-world service delivery scenarios, not just theory. Group
2:00 – 2:10 Break 2 Recharge before closing segments.
2:10 – 2:25 MSP Panel: Lessons from the Field Hear firsthand how leading MSPs have implemented structured vulnerability management, manage third-party threats, positioned risk-first thinking with clients, and evolved their service stack beyond patching. Panel
2:25 – 2:30 Wrap-Up & Certification Reinforce takeaways, issue credentials, and equip attendees with the tools needed to immediately activate a risk-first service—anchored by the launch kit provided. Ryan, Brian
2:30 Buffer / Q&A