Security Weekly Podcast Network (Audio)
Technology
NVD checked out, then they came back? Maybe?
Should the xz backdoor be treated as a vulnerability?
Is scan-driven vulnerability management obsolete when it comes to alerting on emerging threats?
What were some of the takeaways from the first-ever VulnCon?
EPSS is featured in over 100 security products, but is it properly supported by those that benefit from it?
How long do defenders have from the moment a vulnerability is disclosed to patch or mitigate it before working exploits are ready and in the wild?
There's SO much going on in the vulnerability management space, but we'll try to get to the bottom of some of in in this episode. In this interview, we talk to Patrick Garrity about the messy state of vulnerability management and how to get it back on the rails.
Segment Resources:
As we near RSA conference season, tons of security startups are coming out of stealth! The RSA Innovation Sandbox has also announced the top 10 finalists, also highlighting early stage startups that will be at the show.
In this week's news segment,
By the way, the thumbnail is a reference to the xz backdoor link we include in the show notes: https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-356
Gold Pressed Latinum, VBScript, ORBS, Rockwell, Chrome, SKY, Aaran Leyland, and More - SWN #389
BCNF, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet... - SWN #390
Open Source Software Supply Chain Security & The Real Crisis Behind XZ Utils - Idan Plotnik, Luis Villa, Erez Hasson - ASW #287
Emotional Intelligence for Cyber Leaders - James Doggett, Jessica Hoffman, Sivan Tehila - BSW #352
A CISO’s Perspective, Defending Against AI & Ransomware Evolution - Kris Lahiri, Jim Broome, Mike Lyborg - ESW Vault
Securing Backups - SWN Vault
Achieving Cyber Resilience, External Cybersecurity & Risk Reduction - Margarita Barrero, Andy Grolnick, Alexandre Sieira - ESW Vault
Exploring the latest FortiGuard Labs Threat Report - Derek Manky - ESW Vault
Hacker Heroes - Josh Corman - PSW Vault
Securing Shadow Apps & Protecting Data - Guy Guzner, Pranava Adduri - ASW Vault
Collecting Bounties and Building Communities - Ben Sadeghipour - ASW Vault
College Degrees - SWN Vault
Shifting Third Party Risk & What You Need to Know About PCI DSS 4.0 - Lynn Marks, Paul Valente - BSW Vault
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW Vault
This Week: short on funding, long on research and analysis & RSAC Interviews - ESW #363
Pen Testing As A Service - Seemant Sehgal - PSW #830
SWN #388- Big Tech, Fighting a Junta, Keylogger in Microsoft , APT Hackers, Free Laundry, Joshua Marpet & more
Node.js Secure Coding - Oliver Tavakoli, Chris Thomas, Liran Tal - ASW #286
Security Money: Rubrick Saves The Index As It Continues To Climb - Jim Simpson, Theresa Lanowitz - BSW #351
Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast