Questo sito fa uso di cookie per migliorare l'esperienza di navigazione degli utenti. Leggi la nostra Normativa sulla privacy e i Termini di servizio per saperne di più. OK!
Artwork

Tech Tech News Hacking Hackingnews Security Securitynews Security Weekly News Video Security Weekly Productions SecurityWeek
Contenuto fornito da Security Weekly Productions and Security Weekly. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Security Weekly Productions and Security Weekly o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.

Simile a Security Weekly Podcast Network (Video)

Player FM - App Podcast
Vai offline con l'app Player FM !
Get it on App Store Get it on Google Play

Security Weekly Podcast Network (Video) « »
How do we patch the right things? - PSW #840

1:02:37
 
Riproduci
In riproduzione
Condividi
 

MP4Pagina principale dell'episodio
Manage episode 435599105 series 72776
Contenuto fornito da Security Weekly Productions and Security Weekly. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Security Weekly Productions and Security Weekly o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.

Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as:

  • Mitre Att&ck - Don't get me wrong, this is a great project and Adam and team is doing a great job. However, its not a complete picture as we can't possibly know about every attack vector (or can we?). People seem to think if they cover everything in the framework they will be secure. You can't cover everything in the framework because each technique can be utilized by an attack in a hundred different ways.
  • CVSS - Anyone can apply a score, but who is correct? Good that we have a way to score things, but then people will just use this as a basis for what they patch and what they do not. Also, chaining vulnerabilities is a thing, but we seem to lack any way to assign a score to multiple vulnerabilities at once (different from a technique). Also, some things don't get a CVE, how are you tracking, assessing risk, and patching these?
  • CISA KEV - Again, love the project and Tod is doing amazing work. However, what about things that do not get a CVE? Also, how do you track every incident of an attacker doing something in the wild? Also, there is frequency, just because something got exploited once, does that mean you need to patch it right away? How are we tracking how often something is exploited as it is not just a binary "yes, its exploited" or "no, it is not".
  • EPSS - I do like the concept and Wade and Jay are doing amazing work. However, there seems to be a "gut reaction" thing going on where we do see things being exploited, but the EPSS score is low. How can we get better at predicting? We certainly have enough data, but are we collecting the right data to support a model that can tell us what the attackers will do next?

Show Notes: https://securityweekly.com/psw-840

  continue reading

4211 episodi

#Tech #Tech News #Hacking #Hackingnews #Security #Securitynews #Security Weekly #News #Video #Security Weekly Productions #SecurityWeek
Artwork

How do we patch the right things? - PSW #840

Security Weekly Podcast Network (Video)

155 subscribers

published

Riproduci In riproduzione
iconCondividi
 
MP4Pagina principale dell'episodio
Manage episode 435599105 series 72776
Contenuto fornito da Security Weekly Productions and Security Weekly. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Security Weekly Productions and Security Weekly o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.

Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such as:

  • Mitre Att&ck - Don't get me wrong, this is a great project and Adam and team is doing a great job. However, its not a complete picture as we can't possibly know about every attack vector (or can we?). People seem to think if they cover everything in the framework they will be secure. You can't cover everything in the framework because each technique can be utilized by an attack in a hundred different ways.
  • CVSS - Anyone can apply a score, but who is correct? Good that we have a way to score things, but then people will just use this as a basis for what they patch and what they do not. Also, chaining vulnerabilities is a thing, but we seem to lack any way to assign a score to multiple vulnerabilities at once (different from a technique). Also, some things don't get a CVE, how are you tracking, assessing risk, and patching these?
  • CISA KEV - Again, love the project and Tod is doing amazing work. However, what about things that do not get a CVE? Also, how do you track every incident of an attacker doing something in the wild? Also, there is frequency, just because something got exploited once, does that mean you need to patch it right away? How are we tracking how often something is exploited as it is not just a binary "yes, its exploited" or "no, it is not".
  • EPSS - I do like the concept and Wade and Jay are doing amazing work. However, there seems to be a "gut reaction" thing going on where we do see things being exploited, but the EPSS score is low. How can we get better at predicting? We certainly have enough data, but are we collecting the right data to support a model that can tell us what the attackers will do next?

Show Notes: https://securityweekly.com/psw-840

  continue reading

4211 episodi

#Tech #Tech News #Hacking #Hackingnews #Security #Securitynews #Security Weekly #News #Video #Security Weekly Productions #SecurityWeek

Усі епізоди

×
 
Loading …

Benvenuto su Player FM!

Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.

 

Simile a Security Weekly Podcast Network (Video)

Ascolta più di 500 argomenti
Player FM - App Podcast
Vai offline con l'app Player FM !
Get it on App Store Get it on Google Play

Guida rapida

I migliori podcast
Emozione Vincente
Marco Montemagno - Il Podcast
Decrépitos
Deejay Chiama Italia
Pinocchio
La Bomba
Don Chisciotte
2024
La Zanzara
Deejay Chiama Italia
Sognatori Svegli Podcast
Scientificast
Scientificast
Giorno per giorno
Buon ascolto
Giallo Criminale
Demoni Urbani
L'Enciclopedia del Crimine
Player FM logo
Aiuto/FAQ | Effettua l'upgrade | Pubblicizza
Arte|Affari|Commedie|Economia|Intrattenimento|News|Politica|Religione
Scienze|Calcio|Sport|Narrazione di storie|Tecnologia|Cronaca nera
Copyright 2024 | Mappa del sito | Politica sulla Privacy | Termini di servizio | | Diritto d'autore
Episode being played series thumbnail
icon icon
Velocità
Impostazioni serie
1x
1x
Volume
100%
icon
icon icon
/

Visualizza Player FM in ...
Player FM
Browser
Chrome
Safari
Firefox