33 min listen
The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275
The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275
ratings:
Length:
41 minutes
Released:
Mar 5, 2024
Format:
Podcast episode
Description
The need for vuln management programs has been around since the first bugs -- but lots of programs remain stuck in the past. We talk about the traps to avoid in VM programs, the easy-to-say yet hard-to-do foundations that VM programs need, and smarter ways to approach vulns based in modern app development. We also explore the ecosystem of acronyms around vulns and figure out what's useful (if anything) in CVSS, SSVC, EPSS, and more. Segment resources: https://www.redhat.com/en/blog/patch-management-needs-a-revolution-part-1 https://next.redhat.com/blog/ https://www.first.org/cvss/v4-0/ https://www.first.org/epss/ https://deadliestwebattacks.com/appsec/2010/02/19/primordial-cross-site-scripting-xss-exploits -- For a bit of history, one of the earliest "bugs bounty" from 1995. Show Notes: https://securityweekly.com/asw-275
Released:
Mar 5, 2024
Format:
Podcast episode
Titles in the series (100)
Interview with Ira Winkler - Episode 343: Ira Winkler, CISSP is President of Secure Mentem. Ira is one of the foremost experts in the human elements of cyber security and is known for the extensive espionage and social engineering simulations that he has conducted for Fortune 500 companies... by Security Weekly Podcast Network (Video)