To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
Artwork

Tech VerSprite Cybersecurity Cybersecurity Cyber Security Technology Application Threat Modeling Business News
Content provided by VerSprite Cybersecurity. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by VerSprite Cybersecurity or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Dirty South Security Podcast « »
Ep.08 - Vuln Mgt Meltdowns, Revisiting Autopatching, & Future Proofing Resiliency

36:23
 
Play
Playing
Share
 

MP3Episode home
Manage episode 461698727 series 3426400
Content provided by VerSprite Cybersecurity. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by VerSprite Cybersecurity or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Welcome to another episode of The Dirty South Security Podcast! In this episode, we are joined by Billy Hoffman as we dive deep into the chaotic world of vulnerability management and explore ways to future-proof your organization's resiliency. Here's what we cover:
I. Vuln Mgt Sucks

  • - We break down the stereotypical vulnerability management process and its pitfalls.
  • - Can CVSS 4.0 (link) save the day?
  • Exploring EPSS & KEV and their roles in vulnerability management.

II. End of Life Software: The Story of Our Lives

  • - Discussing the decade-old Cisco ASA vulnerability (CVE-2014-2120) that's - still being actively exploited.
  • - The mentality around patching, acceptable vulnerability levels, and the ongoing struggle with EOL assets.

III. 1980 - Is it the Complacent Vulnerability Scoring System?

  • - Examining the medium severity CVEs and how most organizations handle them.
  • - Why do many security teams overlook medium-severity vulnerabilities and their impact on overall security?

IV. Autopatching - Did it Ever Arrive? Why Not?

  • - Understanding the complexities of 1:many relationships in patching.
  • - The implications of downtime and why auto patching hasn't become the norm.

V. AI to the Rescue?

  • - Debunking the marketing hype around AI in vulnerability management (link).
  • - Discussing the rise of AI-generated compliance solutions and their effectiveness.

VI. Final Thoughts

  • How can we move beyond the outdated 2005 enterprise vulnerability management practices?

Join us as we navigate these critical topics and share insights to help you stay ahead in the ever-evolving cybersecurity landscape. Don't forget to like, comment, and subscribe for more episodes

// FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE //

// ABOUT VERSPRITE //
VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is crucial to protect your organization’s assets, protect your clients, and maintain the same, excellent reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and business outcomes.

  continue reading

12 episodes

#Tech #VerSprite Cybersecurity #Cybersecurity #Cyber #Security #Technology #Application Threat Modeling #Business #News
Artwork

Ep.08 - Vuln Mgt Meltdowns, Revisiting Autopatching, & Future Proofing Resiliency

Dirty South Security Podcast

published

Play Playing
iconShare
 
MP3Episode home
Manage episode 461698727 series 3426400
Content provided by VerSprite Cybersecurity. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by VerSprite Cybersecurity or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Welcome to another episode of The Dirty South Security Podcast! In this episode, we are joined by Billy Hoffman as we dive deep into the chaotic world of vulnerability management and explore ways to future-proof your organization's resiliency. Here's what we cover:
I. Vuln Mgt Sucks

  • - We break down the stereotypical vulnerability management process and its pitfalls.
  • - Can CVSS 4.0 (link) save the day?
  • Exploring EPSS & KEV and their roles in vulnerability management.

II. End of Life Software: The Story of Our Lives

  • - Discussing the decade-old Cisco ASA vulnerability (CVE-2014-2120) that's - still being actively exploited.
  • - The mentality around patching, acceptable vulnerability levels, and the ongoing struggle with EOL assets.

III. 1980 - Is it the Complacent Vulnerability Scoring System?

  • - Examining the medium severity CVEs and how most organizations handle them.
  • - Why do many security teams overlook medium-severity vulnerabilities and their impact on overall security?

IV. Autopatching - Did it Ever Arrive? Why Not?

  • - Understanding the complexities of 1:many relationships in patching.
  • - The implications of downtime and why auto patching hasn't become the norm.

V. AI to the Rescue?

  • - Debunking the marketing hype around AI in vulnerability management (link).
  • - Discussing the rise of AI-generated compliance solutions and their effectiveness.

VI. Final Thoughts

  • How can we move beyond the outdated 2005 enterprise vulnerability management practices?

Join us as we navigate these critical topics and share insights to help you stay ahead in the ever-evolving cybersecurity landscape. Don't forget to like, comment, and subscribe for more episodes

// FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE //

// ABOUT VERSPRITE //
VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is crucial to protect your organization’s assets, protect your clients, and maintain the same, excellent reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and business outcomes.

  continue reading

12 episodes

#Tech #VerSprite Cybersecurity #Cybersecurity #Cyber #Security #Technology #Application Threat Modeling #Business #News

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play
icon
Help/FAQ | Advertise with Us
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox
Listen to this show while you explore
Play