Episode #080: Patch Me If You Can: Compliance, SLAs, and Other Fairytales

Send us a textIn this no-punches-pulled return from hiatus, Ken and Mike dig deep into the messy middle of vulnerability management, SLA fatigue, and the illusion of compliance. Are we building secure systems or just passing audits? From legacy cruft to exploitable CVEs, this episode unpacks the real-world pressures of SOC 2, the auditor dance, and whether fixing every “critical” is even feasible.Perfect for practitioners trying to balance the checkbox culture with actual risk reduction, thi...

Send us a text

In this no-punches-pulled return from hiatus, Ken and Mike dig deep into the messy middle of vulnerability management, SLA fatigue, and the illusion of compliance. Are we building secure systems or just passing audits? From legacy cruft to exploitable CVEs, this episode unpacks the real-world pressures of SOC 2, the auditor dance, and whether fixing every “critical” is even feasible.

Perfect for practitioners trying to balance the checkbox culture with actual risk reduction, this one’s got stories, strategies, and spicy takes. Bonus: tips on managing auditors without losing your mind—or your security posture.