I’m working on a python project and need guidance to help me study.Utilize Crowdstrike, AD, ElasticSearch, Qualys & Ivanti API queries and open-source intelligence sources to determine and score applications based on their cumulative vulnerability scores. Programmatically determine applications which are end-of-life and calculate probabilistic risk model for EoL applications.
Create models for prioritized work to most effectively resolve.This will permit us to gain visibility to Technical Debt that cannot be effectively patched, and help to identify substantive pools of unmanaged risk.BONUS:
Establishment of intentionally vulnerable website (non-prod environment) to help train Application Security and enable the rollout of the CheckMarx applicationANTICIPATED DELIVERABLE:
Application operating system with API ingestion to investory EOL application in CAS means of determining and ingesting sources of EOL data.Risk scoring weekly reporting
Requirements: soon