Enterprise Security Weekly (Audio)
Technology
NVD checked out, then they came back? Maybe?
Should the xz backdoor be treated as a vulnerability?
Is scan-driven vulnerability management obsolete when it comes to alerting on emerging threats?
What were some of the takeaways from the first-ever VulnCon?
EPSS is featured in over 100 security products, but is it properly supported by those that benefit from it?
How long do defenders have from the moment a vulnerability is disclosed to patch or mitigate it before working exploits are ready and in the wild?
There's SO much going on in the vulnerability management space, but we'll try to get to the bottom of some of it in this episode. In this interview, we talk to Patrick Garrity about the messy state of vulnerability management and how to get it back on the rails.
Segment Resources:
As we near RSA conference season, tons of security startups are coming out of stealth! The RSA Innovation Sandbox has also announced the top 10 finalists, highlighting early-stage startups that will be at the show.
In this week's news segment,
By the way, the thumbnail is a reference to the xz backdoor link we include in the show notes: https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-356
Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360
Autonomous - I don't think that word means what you think it means - Adam Shostack, Ely Kahn - ESW #359
From Hackers to Streakers - How Counterintelligence Teams are Protecting the NFL - Joe McMann - ESW #358
Understanding KillNet and Recent Waves of DDoS Attacks - Michael Smith - ESW #357
Why cyber hygiene requires curious talent - Clea Ostendorf - ESW #355
Top 5 Myths About API Security and What to Do Instead - Robert Dickinson - ESW #354
Addressing Identity-Related Threats in 2024 - Rod Simmons - ESW #353
What can we do today to prevent tomorrow's breach? - Michael Mumcuoglu - ESW #352
Hacktivism Unveiled: Insights into the Footprints of Hacktivists - Pascal Geenens - ESW #351
Threat Intelligence & Threat Hunting - Chris Cochran - ESW Vault
Material: cybersecurity word of the year, thanks to the SEC - Amer Deeba - ESW #350
Zero-Trust is Meaningless if Your Cryptography is Flakey - Vincent Berk - ESW #349
The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain - Pete Morgan - ESW #348
2024: The Year Cross-Platform Endpoint Management Finally Gets Good? - Zach Wasserman - ESW #347
Creating Trust in Biometric Authentication for Identity Verification - Sabrina Gross - ESW #346
GenAI Threats and Concerns, Building a Security Business Around Open Source - Ev Kontsevoy, Greg Notch - ESW #345
2023 End-of-Year Wrapup - ESW Vault
MegatronAL on Kicking in the Door to Cybersecurity - Angela Marafino - ESW Vault
2023 Funding, SASE Certification - Mike Privette, Pascal Menezes - ESW #344