The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275 - podcast episode cover

The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275

Application Security Weekly (Audio)
Mar 05, 20241 hr 19 min
--:--
--:--
Listen in podcast apps:
Metacast
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

The need for vuln management programs has been around since the first bugs -- but lots of programs remain stuck in the past. We talk about the traps to avoid in VM programs, the easy-to-say yet hard-to-do foundations that VM programs need, and smarter ways to approach vulns based in modern app development. We also explore the ecosystem of acronyms around vulns and figure out what's useful (if anything) in CVSS, SSVC, EPSS, and more.

Segment resources:

A SilverSAML example similar to the GoldenSAML attack technique, more about serializing AI models for Hugging Face, OWASP releases 1.0 of the IoT Security Testing Guide, the White House releases more encouragement to move to memory-safe languages, and more!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-275

For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275 | Application Security Weekly (Audio) podcast - Listen or read transcript on Metacast