Chris Hughes, Author of Effective Vulnerability Management

Unsolicited Response

May 15, 2024•44 min•Season 2024Ep. 7

--:--

Listen in podcast apps:

Apple Podcasts

Spotify

Download

Listen to this episode in Metacast mobile app

Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Chris Hughes and Nikki Robinson recently wrote the book Effective Vulnerability Management. Dale and Chris discuss the topic and book including:

The definition and scope of vulnerabilities. It’s much more than coding errors that need patches.
Are ICS protocols lacking authentication “vulnerabilities”
The reality that most organizations have 100’s of thousands of unpatched vulnerabilities. Some statistics and will this change.
Ways to prioritize what vulnerabilities you address.
The SSVC decision tree approach that was introduced at S4 as Never, Next, Now
Tooling … vulnerability management, software configuration, ticketing, remediation.
And much more.

Links:

Effective Vulnerability Management, https://www.amazon.com/Effective-Vulnerability-Management-Vulnerable-Ecosystem/dp/1394221207/
Dale’s ICS-Patch Decision Tree, https://dale-peterson.com/wp-content/uploads/2020/10/ICS-Patch-0_1.pdf

For the best experience, listen in Metacast app for iOS or Android