What is XDR? How do we know the security protections we're investing in are working? All this and Paul's CBD Pineapple Pizza Drink on this week's show.
This segment is sponsored by Kenna Security. Visit https://securityweekly.com/kennasecurity to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw681
In this world of countless vulnerabilities, we need to find a way to identify threats. Prioritizing known vulnerabilities is a step in the right direction but definitely not enough. There is a need for a customized identifying threat process.
This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw678
Vulnerability prioritization has traditionally relied on CVSS scores and other subjective measurements (e.g. asset tagging) that don't factor in internal context. A new approach integrates asset context and application activity to derive rich, internal data.
This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw208
Michael takes us through some of the common AI and ML methods of data science and how they apply to our InfoSec problems.
This segment is sponsored by Kenna Security. Visit https://securityweekly.com/kennasecurity to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw675
Software vulnerabilities are exploding in growth at an unprecedented rate, and security teams are struggling to stay afloat. Lifebuoys (i.e. CVSS base scores) aren’t doing much to save them, either. A new advancement in threat prioritization offers relief, integrating the vulnerabilities’ surrounding characteristics to identify the most severe risks.
This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/psw670
In this episode of Enterprise Security Weekly, Nucleus co-founder Scott Kuffer talks about the problems teams face in doing the process of vulnerability management effectively and how Nucleus is uniquely positioned in the marketplace to solve them.
To learn more about Nucleus Security, visit: http://nucleussec.com
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode187
Discuss approach to vulnerability management at Toyota Financials and benefits of a full life-cycle approach to vulnerability management.
To learn more about Qualys VMDR, visit: https://securityweekly.com/qualys
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode183
Ryan Kelso is the Application Security Engineer at 10-Sec, Inc. Former developer turned application security engineer with a passion for giving back to the security community that has helped me out tremendously with getting into this field. Information disclosures traditionally aren't seen as high priority fixes, but can be pretty important in an exploitation chain. The more information provided to an attacker, the better equipped that attacker is.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode78 Visit https://www.securityweekly.com/asw for all the latest episodes!