032. An Intro: Vulnerability Management
Hacked Off, 12 Sep 2019

What does vulnerability management mean to you? How do you deal with these issues and track this information? Our Technical Director, Holly Grace Williams, discusses the process of pulling together vulnerability information and how certain industry scoring systems for vulnerabilities can be misleading.

Key points:
0’43 Keeping track of vulnerability information
3’30 Vulnerability aggregation
6’10 Scoring vulnerabilities with CVSS
12’45 ‘High risk’ can mean different things
19’25 Grouping assets into services
27’52 Reporting vulnerabilities to the board
29’24 Tracking vulnerability recurrence

We’d love to hear how you’re tracking vulnerability information. Let us know on social via Twitter or LinkedIn!

Useful links:
Common Vulnerability Scoring Systems version 3.1 - https://www.first.org/cvss/calculator/3.1
OWASP Top 10 - https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

Download on iTunes: apple.co/2Ji61Ek
Listening time: 36 minutes
Hosted by: Holly Grace Williams, Technical Director at Secarma

This episode has been added to Podme via an open RSS feed and is not Podme's own production. The episode may therefore contain advertising.

Episodes (108)

108. IASME: IOT Security Compliance

Following audience responses to Pod 107 with Jason Blake, Secarma Jen Williams has circled back to do a deeper dive into the PSTI legislation and IoT devices. With the legislation going live at the e...

22 Apr 2024, 26 min

107. Jason Blake: IoT and PSTI

Secarma Head of Testing, Simon Chapman, takes over the hosting duties as the Hacked Off podcast returns. Episode 107 focuses on IoT and the new regulations that are forcing manufacturers to place secu...

6 Feb 2024, 24 min

106. Simon McNamee: Optimising Security Services

In this episode of Hacked Off, Holly interviews Simon McNamee - Secure Impact's Security Technology Lead. This week, they discuss what issues security experts often encounter when working with busines...

29 Oct 2021, 43 min

105. Rob Demain: SOCs and SMEs

For some organisations, using Security Operation Centre services is a great way to minimise the impact of a possible cyberattack. Moving quickly and effectively, SOCs can detect, analyse and respond t...

15 Oct 2021, 42 min

104. David Barr: Cybersecurity CSI

In the cybersecurity world, the digital forensics dept acts as the Crime Scene Investigation team for a business that has fallen foul of a cyber-criminal. DFI techniques are used to investigate and re...

24 Sep 2021, 30 min

103. Declan Doyle: Cyber Resilience

Valuing your SME as ‘too small to get hacked’ can leave you complacent and open to attacks, with little to no defences in place. For those who find cybersecurity daunting, there are organisations out ...

20 Aug 2021, 31 min

102. Nick Blundell: Automating Testing

The medium of cyber-attacks is code, but the mastermind that drives them is always human intelligence. Systems are created by people, and automated tech still can't understand every nuance that humans...

16 Aug 2021, 1 h 5 min

101. Greg van der Gaast: Rethinking Recruitment

In a time of record unemployment due to the pandemic, it’s strange that cybersecurity job openings receive so few applicants and take 20% longer to fill than typical IT roles. Is there a cyber skil...

6 Aug 2021, 31 min