Gaurav Mittal
Biography
Gaurav Mittal is a seasoned Security Data Analyst based in Dallas, TX, with a Master's in Information Systems from California State University, Fullerton, and a Bachelor of Technology from SRM University, India. He currently works at Zoom Video Communications, where he leads initiatives in vulnerability management, automation, and security data reporting, significantly improving compliance and data quality metrics. With prior experience as a Business Intelligence Engineer at Copart and roles at Allied Global Marketing and CSC, Gaurav has strong expertise in data analytics, cloud migration, dashboarding, and program management using tools like SQL, Python, Tableau, Airflow, and Qualys. His work has consistently optimized workflows, improved reporting accuracy, and supported strategic decision-making through data-driven insights.
Research Interest
Cybersecurity Analytics, Vulnerability Management, Data Automation, Cloud-based Data Engineering, Business Intelligence, and Security Program Optimization.
Abstract
Beyond CVSS: Leveraging Data Analytics & AI for Asset-Centric Vulnerability Management
As organizations grapple with an overwhelming number of vulnerabilities, many still rely on
CVSS scores alone for prioritization - a method that often ignores asset criticality and business
impact. This presentation challenges the CVSS-centric approach, advocating for a smarter,
data-driven vulnerability management framework powered by asset importance, advanced analytics,
and AI-driven risk assessment.
Drawing on my expertise in vulnerability management and data analytics, I will demonstrate
how integrating AI/ML models and data-driven insights can refine prioritization strategies,
ensuring remediation efforts focus on the most business-critical risks. Attendees will learn:
Why a CVSS-only approach is unsustainable and how data analytics can enhance decision-making.
How AI/ML can automate asset risk scoring and predict exploitability with greater accuracy.
Practical strategies for implementing an asset-driven, intelligence-powered vulnerability management program.