top of page

Vulnerability and control

Updated: Jul 23, 2020

And no, this isn't about being a control freak, or feeling vulnerable. Well not exactly. As you've probably already guessed (given that you are on the SRMAM website) this short video post is about analyzing vulnerabilities and controls in security risk management.

BREAKING NEWS: You can now download the PowerPoint presentation for this seminar and what a replay of it via my Downloads page.

My colleague Konrad Buczynski and I will be running a webinar today (or in the past if you're reading this after 5:30 pm (Sydney time) on Thursday the 23rd of July, 2020. Actually, I'm in Canberra but Konrad is in Sydney but to be fair, few people outside Canberra realize that Canberra is in the same timezone as Sydney. So it goes. It's also the capital of Australia but that is beside the point of course if nobody has heard of the place.

But I digress. This little video has a few tips and examples on how to consistently and defensibly identify, document, and assess vulnerabilities and controls. It also tells you how and where to find the free cheat sheets, book, software, and more that we will be giving away after the webinar. Even if you can't get to the webinar, I hope the following has some useful tips.

One of the many tips we cover for example, is the CAVE acronym for consistently and comprehensively identifying and recording vulnerabilities. I hope you find it helpful.

You'll find more excerpts and downloads from the Security Risk Management Aide-Mémoire at this link and some of my other articles here.

If you'd like to stay in touch and find out about other free books and webinars, please subscribe to my mailing list at

60 views0 comments

Recent Posts

See All


bottom of page