Get every episode of every Packet Pushers podcast in one very fat, very handy feed! Because too much technology would never be enough. Includes Day Two Cloud, Heavy Networking, Heavy Strategy, Heavy Wireless, IPv6Buzz, Kubernetes Unpacked, and Network Break.
https://packetpushers.net/podcasts/
Datanauts 167: Patch Now Or Later? The Delicate Art Of Vulnerability Management
Somewhere in your network, there’s at least one exploitable vulnerability. Maybe it’s a really bad one. Maybe it’s not that bad.
Do you know what the vulnerability is? Do you have a way to explain to the business the risk it represents? Do you have a strategy to fix it or otherwise mitigate the risk?
Climb aboard with the Datanauts as we fly the good ship Vulnerability Management to Planet Security on today’s episode.
Our guest is Zoë Rose, an ethical hacker and cyber security consultant.
Zoë, Chris, and Ethan discuss:
* Setting a baseline on what we mean by vulnerabilities
* The value of the CVSS
* Different kinds of tools for finding vulnerabilities
* Assigning risk levels in your organization
* How risk levels should influence patching
* The use of compensating controls
* Whether it’s worth patching ephemeral containers
* More
Sponsor: Netrounds
Netrounds software performs active testing and monitoring to ensure your business-critical applications and services are running as expected. Get real-time insights for testing, troubleshooting, and SLA monitoring. Find out more at netrounds.com/packetpushers.
Show Links:
Zoë Rose on Twitter
Rose Security And Intelligence
Common Vulnerability Scoring System – Wikipedia