In this episode of the VulnWise Show, hosts Steve Carter and Scott Kuffer engage with cybersecurity expert and semi-retired analyst Jon Oltsik to discuss the evolving landscape of vulnerability and exposure management. They explore best practices derived from conversations with CISOs, the role of AI in vulnerability management, and the…
VulnWise guest Johnny Shaieb explores how vulnerability management success goes beyond technology. Full episode: https://youtu.be/be3UD29RIQw?si=q7y0HHk7xK3WxfCr
VulnWise guest Johnny Shaieb explains how an ARPANET buffer overflow led to the need for maintaining vulnerability databases. Full episode: https://youtu.be/be3UD29RIQw?si=q7y0HHk7xK3WxfCr
VulnWise guest Johnny Shaieb discusses the short average time CISOs hold their position and how important it is to understand the battlefield for success. Full episode: https://youtu.be/be3UD29RIQw?si=q7y0HHk7xK3WxfCr
In this @VulnWise clip, Vulnwise host Scott Kuffer discusses with Chris Peltz the differences between the new CTEM approach vs traditional vulnerability management, and what it means. #ctem #vulnerabilitymanagement
In this episode of the VulnWise Show, hosts Steve Carter and Scott Kuffer engage with Johnny Shaieb, Chief Architect of Exposure Management at IBM. The conversation delves into the evolution of vulnerability management, the shift towards exposure management, and the importance of asset management in cybersecurity. Johnny shares insights from…
In this @VulnWise clip, Scott Kuffer talks about how you define your first #ctem #scope using basic threat modeling. #vulnerabilitymanagement
In this @VulnWise clip, Scott Kuffer talks about how the #vulnerabilitymanagement market has developed over the last 30 years. At the GPSEC Boston conference, we focused on a group of capabilities that used to be called VM. Host-based to network-based to agent-based and what that means. #vulnerabilitymanagement
In this short from @VulnWise , Scott Kuffer presents at the GPSEC Conference about how to prioritize vulnerabilities in #cybersecurity. You do not need either a Risk score or a qualitative score. You need both in order to be successful in a large enterprise. #vulnerabilitymanagement
On this episode of @VulnWise , the head of Vulnerability Management for Android gives her last bit of advice on how to be successful at VM, with lessons learned from the field. #vulnerabilitymanagement #patching
In this @VulnWise episode, Scott Kuffer asks the head of patching for Android from Google how Android patches their ecosystem when they have so many devices to patch on a regular basis? #cybersecurity #vulnerabilitymanagement #android
In this episode of @VulnWise , head of Android's bug bounty program explains how they think about the input of bug bounty researchers in the cybersecurity community. Ever wondered how to get your name associated with a CVE? #cybersecurity #bugbounty #android
Guest Rishika Hooda, the head of vulnerability management from Google Android explains why you can't easily transfer academics to the realities of operational vulnerability management. She also explains why vulnerability prioritization is so key to a program. #exposuremanagement #vulnerabilitymanagement #vulnerabilityprioritization
How does Android prioritize which vulnerabilities to fix? This episode of @VulnWise tells us how!
In this episode of the VulnWise Podcast, Scott Kuffer and Steve Carter talk to Rishika Hooda, a senior technical program manager at Google, who shares her extensive experience in cybersecurity, particularly in managing Android's patching and bug bounty programs. The conversation delves into the complexities of vulnerability management at scale,…
Once attackers get in, they follow a predictable playbook—but how do they get in? 🔑 On this clip from the @Vulnwise pod, guest Eli Woodward breaks down why initial access remains a mystery and why organizations rarely share details on how breaches start. Watch the full VulnWise episode here: https://youtu.be/-tE0gJk9RCE…
🧠 In this clip from the @VulnWise show, guest Eli Woodward explains why defining threat intelligence isn’t as simple as it seems—after all, there are at least 23 different definitions floating around! So, what does it really mean? Watch the full VulnWise episode here: https://youtu.be/-tE0gJk9RCE with hosts Scott Kuffer and…
📚 In this clip from the @VulnWise show, guest Eli Woodward shares why staying humble and continuously learning is key to cybersecurity success. The internet has a way of humbling even the smartest experts—so how do you keep up without falling behind? Watch the full VulnWise episode here: https://youtu.be/-tE0gJk9RCE with…
🔍 In this clip from the @VulnWise show, guest Eli Woodward explains why threat intelligence is reactive while vulnerability intelligence allows for proactive defense. But does the industry really make this distinction clear? 🤔 Ask three CTI experts, and you might get five different answers! Watch the full VulnWise episode…
Cyber insurance is creating silos of incident response data—meaning the industry isn’t learning key security lessons. 🚨In this @VulnWise clip, guest Eli Woodward explains how bias in insurance-funded incident response investigations limits our understanding of real threats when it comes to cybersecurity. Watch the full VulnWise episode here: https://youtu.be/-tE0gJk9RCE with…
In this episode of the VulnWise show, Steve Carter and Scott Kuffer engage with Eli Woodward, a seasoned cyber threat analyst, to explore the intricate relationship between threat intelligence and vulnerability management. They discuss the evolving role of SOC teams, the discrepancies in vulnerability exploitation reports, and the importance of…
Are Compensating Controls Enough to Keep You Secure? | VulnWise Podcast Guest Caleb Hoch joins @VulnWise to talk about compensating controls in exposure management. Some organizations rely too much on compensating controls—are they enough? Here’s what you need to know, straight from the VulnWise Podcast. 🔐 🎙️ Watch the full…
When to Use Compensating Controls in Vulnerability Management | VulnWise Podcast Guest Caleb Hoch joins @VulnWise to discuss compensating controls and when you need to use them. Not all vulnerabilities need immediate patching. Here’s when and how compensating controls can be an effective part of your VM strategy. From the…
What If You Can’t Patch? Categorizing Compensating Controls | VulnWise Podcast Guest Caleb Hoch joins @VulnWise to talk about compensating controls in cybersecurity. Patching isn’t always an option. Here’s how to categorize and implement effective compensating controls to keep your system secure. Check out this VulnWise Podcast clip! 🔍 🎙️…