Black Hat 2025 - From Chaos to Control - How Bank Of Hope Achieved Zero Critical Vulnerabilities

At Black Hat 2025, Nucleus Security and Bank of Hope shared how a small but determined security team transformed its vulnerability management program into a risk-driven, automated operation.

Mike Dinicola, Security Operations Manager at Bank of Hope, detailed the challenges his team faced: fragmented data, time-consuming manual reporting, and lack of meaningful context for prioritization. By adopting Nucleus as its single source of truth, integrating business-critical asset data, and leveraging automation for triage, Bank of Hope eliminated inefficiencies and achieved significant positive measurable outcomes, including:

• Zero critical vulnerabilities for over a year
• Critical SLA reduced from 22 days to 48 hours
• High vulnerability SLA reduced from 32 days to 14 days
• Streamlined audits with complete visibility and accountability

Key takeaways emphasized the power of context, automation, and choosing the right partner to transform vulnerability management into a proactive, risk-based discipline.