To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Ymmärsin!
Artwork

Tech News Tech News Hacking Hackingnews Security Securitynews Video Security Weekly Productions SecurityWeek
Sisällön tarjoaa Security Weekly Productions. Security Weekly Productions tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.

Samanlainen kuin Security Weekly Podcast Network (Video)

Player FM - Podcast-sovellus
Siirry offline-tilaan Player FM avulla!
Get it on App Store Get it on Google Play

Security Weekly Podcast Network (Video) « »
How do we patch the right things? - PSW #840

1:02:37
 
Toista
Toistetaan
Jaa
 

MP4Jakson koti
Manage episode 435586577 series 2794675
Sisällön tarjoaa Security Weekly Productions. Security Weekly Productions tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.

Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as:

  • Mitre Att&ck - Don't get me wrong, this is a great project and Adam and team is doing a great job. However, its not a complete picture as we can't possibly know about every attack vector (or can we?). People seem to think if they cover everything in the framework they will be secure. You can't cover everything in the framework because each technique can be utilized by an attack in a hundred different ways.
  • CVSS - Anyone can apply a score, but who is correct? Good that we have a way to score things, but then people will just use this as a basis for what they patch and what they do not. Also, chaining vulnerabilities is a thing, but we seem to lack any way to assign a score to multiple vulnerabilities at once (different from a technique). Also, some things don't get a CVE, how are you tracking, assessing risk, and patching these?
  • CISA KEV - Again, love the project and Tod is doing amazing work. However, what about things that do not get a CVE? Also, how do you track every incident of an attacker doing something in the wild? Also, there is frequency, just because something got exploited once, does that mean you need to patch it right away? How are we tracking how often something is exploited as it is not just a binary "yes, its exploited" or "no, it is not".
  • EPSS - I do like the concept and Wade and Jay are doing amazing work. However, there seems to be a "gut reaction" thing going on where we do see things being exploited, but the EPSS score is low. How can we get better at predicting? We certainly have enough data, but are we collecting the right data to support a model that can tell us what the attackers will do next?

Show Notes: https://securityweekly.com/psw-840

  continue reading

4211 jaksoa

#Tech #News #Tech News #Hacking #Hackingnews #Security #Securitynews #Video #Security Weekly Productions #SecurityWeek
Artwork

How do we patch the right things? - PSW #840

Security Weekly Podcast Network (Video)

0-10 subscribers

published

Toista Toistetaan
iconJaa
 
MP4Jakson koti
Manage episode 435586577 series 2794675
Sisällön tarjoaa Security Weekly Productions. Security Weekly Productions tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.

Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as:

  • Mitre Att&ck - Don't get me wrong, this is a great project and Adam and team is doing a great job. However, its not a complete picture as we can't possibly know about every attack vector (or can we?). People seem to think if they cover everything in the framework they will be secure. You can't cover everything in the framework because each technique can be utilized by an attack in a hundred different ways.
  • CVSS - Anyone can apply a score, but who is correct? Good that we have a way to score things, but then people will just use this as a basis for what they patch and what they do not. Also, chaining vulnerabilities is a thing, but we seem to lack any way to assign a score to multiple vulnerabilities at once (different from a technique). Also, some things don't get a CVE, how are you tracking, assessing risk, and patching these?
  • CISA KEV - Again, love the project and Tod is doing amazing work. However, what about things that do not get a CVE? Also, how do you track every incident of an attacker doing something in the wild? Also, there is frequency, just because something got exploited once, does that mean you need to patch it right away? How are we tracking how often something is exploited as it is not just a binary "yes, its exploited" or "no, it is not".
  • EPSS - I do like the concept and Wade and Jay are doing amazing work. However, there seems to be a "gut reaction" thing going on where we do see things being exploited, but the EPSS score is low. How can we get better at predicting? We certainly have enough data, but are we collecting the right data to support a model that can tell us what the attackers will do next?

Show Notes: https://securityweekly.com/psw-840

  continue reading

4211 jaksoa

#Tech #News #Tech News #Hacking #Hackingnews #Security #Securitynews #Video #Security Weekly Productions #SecurityWeek

Semua episode

×
 
Loading …

Tervetuloa Player FM:n!

Player FM skannaa verkkoa löytääkseen korkealaatuisia podcasteja, joista voit nauttia juuri nyt. Se on paras podcast-sovellus ja toimii Androidilla, iPhonela, ja verkossa. Rekisteröidy sykronoidaksesi tilaukset laitteiden välillä.

 

Samanlainen kuin Security Weekly Podcast Network (Video)

Kuuntele yli 500 aihetta
Player FM - Podcast-sovellus
Siirry offline-tilaan Player FM avulla!
Get it on App Store Get it on Google Play

Pikakäyttöopas

Suosituimmat podcastit
Lindgren & Sihvonen
Urheilun ääni
Ykkösaamu
Afterwork
Kasper ja Mikko - Suomen suosituin podcast
Tuomiolla
Kolme miestä ja elokuvasauva
Mikä maksaa?
10X Finland
Pyöreä pöytä
Uutisraportti podcast
Stressivapaa johtaja | Näkökulmia henkilökohtaiseen kasvuun
Tiedeykkönen
Vinkistä vihiä
Radio Wyrd Podcast
Jäljillä
Player FM logo
Apua/UKK | Päivitä | Mainostaa
Taide|Liike-elämä|Komedia|Talous|Viihde|Uutiset|Politiikka|Uskonto
Tiede|Jalkapallo|Urheilu|Tarinankerronta|Teknologia|True crime
Tekijänoikeudet 2024 | Sivukartta | Tietosuojakäytäntö | Käyttöehdot | | Tekijänoikeus
Episode being played series thumbnail
icon icon
Nopeus
Sarjan asetukset
1x
1x
Volume
100%
icon
icon icon
/

Näytä Player FM kohteessa ...
Player FM
Browser
Chrome
Safari
Firefox