On this episode of @VulnWise , the head of Vulnerability Management for Android gives her last bit of advice on how to be successful at VM, with lessons learned from the field. #vulnerabilitymanagement #patching
In this @VulnWise episode, Scott Kuffer asks the head of patching for Android from Google how Android patches their ecosystem when they have so many devices to patch on a regular basis? #cybersecurity #vulnerabilitymanagement #android
In this episode of @VulnWise , head of Android's bug bounty program explains how they think about the input of bug bounty researchers in the cybersecurity community. Ever wondered how to get your name associated with a CVE? #cybersecurity #bugbounty #android
Guest Rishika Hooda, the head of vulnerability management from Google Android explains why you can't easily transfer academics to the realities of operational vulnerability management. She also explains why vulnerability prioritization is so key to a program. #exposuremanagement #vulnerabilitymanagement #vulnerabilityprioritization
How does Android prioritize which vulnerabilities to fix? This episode of @VulnWise tells us how!
In this episode of the VulnWise Podcast, Scott Kuffer and Steve Carter talk to Rishika Hooda, a senior technical program manager at Google, who shares her extensive experience in cybersecurity, particularly in managing Android's patching and bug bounty programs. The conversation delves into the complexities of vulnerability management at scale,…
Once attackers get in, they follow a predictable playbook—but how do they get in? 🔑 On this clip from the @Vulnwise pod, guest Eli Woodward breaks down why initial access remains a mystery and why organizations rarely share details on how breaches start. Watch the full VulnWise episode here: https://youtu.be/-tE0gJk9RCE…
🧠 In this clip from the @VulnWise show, guest Eli Woodward explains why defining threat intelligence isn’t as simple as it seems—after all, there are at least 23 different definitions floating around! So, what does it really mean? Watch the full VulnWise episode here: https://youtu.be/-tE0gJk9RCE with hosts Scott Kuffer and…
📚 In this clip from the @VulnWise show, guest Eli Woodward shares why staying humble and continuously learning is key to cybersecurity success. The internet has a way of humbling even the smartest experts—so how do you keep up without falling behind? Watch the full VulnWise episode here: https://youtu.be/-tE0gJk9RCE with…
🔍 In this clip from the @VulnWise show, guest Eli Woodward explains why threat intelligence is reactive while vulnerability intelligence allows for proactive defense. But does the industry really make this distinction clear? 🤔 Ask three CTI experts, and you might get five different answers! Watch the full VulnWise episode…
Cyber insurance is creating silos of incident response data—meaning the industry isn’t learning key security lessons. 🚨In this @VulnWise clip, guest Eli Woodward explains how bias in insurance-funded incident response investigations limits our understanding of real threats when it comes to cybersecurity. Watch the full VulnWise episode here: https://youtu.be/-tE0gJk9RCE with…
In this episode of the VulnWise show, Steve Carter and Scott Kuffer engage with Eli Woodward, a seasoned cyber threat analyst, to explore the intricate relationship between threat intelligence and vulnerability management. They discuss the evolving role of SOC teams, the discrepancies in vulnerability exploitation reports, and the importance of…
Are Compensating Controls Enough to Keep You Secure? | VulnWise Podcast Guest Caleb Hoch joins @VulnWise to talk about compensating controls in exposure management. Some organizations rely too much on compensating controls—are they enough? Here’s what you need to know, straight from the VulnWise Podcast. 🔐 🎙️ Watch the full…
When to Use Compensating Controls in Vulnerability Management | VulnWise Podcast Guest Caleb Hoch joins @VulnWise to discuss compensating controls and when you need to use them. Not all vulnerabilities need immediate patching. Here’s when and how compensating controls can be an effective part of your VM strategy. From the…
What If You Can’t Patch? Categorizing Compensating Controls | VulnWise Podcast Guest Caleb Hoch joins @VulnWise to talk about compensating controls in cybersecurity. Patching isn’t always an option. Here’s how to categorize and implement effective compensating controls to keep your system secure. Check out this VulnWise Podcast clip! 🔍 🎙️…
Security vs. Budget: How Much Should You Really Spend? | VulnWise Podcast Guest Caleb Hoch joins @VulnWise to discuss compensating controls. Is your security spend effective, or are you just throwing money at the problem? Learn how to balance risk and cost in vulnerability management in this VulnWise Podcast clip.…
Guest Caleb Hoch from Google joins @VulnWise to talk about phishing. Phishing simulations are everywhere—but do they really improve security awareness? Find out what works and what doesn’t in this clip from the VulnWise Podcast. 🚨 🎙️ Watch the full episode here: https://youtu.be/2MwNdzQtOvU #cybersecurity #phishing #VulnWise #podcast
In this episode of the VulnWise Show, hosts Scott Kuffer and Steve Carter dive into the nuanced world of compensating controls with cybersecurity expert Caleb Hoch, Principal Security Consultant at Google Mandiant. Caleb shares his insights on effectively leveraging compensating controls in vulnerability management, balancing risk, and addressing challenges in…
Guest Chris Peltz talks about #ctem on @VulnWise . How to go beyond traditional network scanning and assess risks across the entire business, from SaaS to code scanning, to cloud security, and how that all relates to network scanning. Does Vulnerability Management have a unification future?
Guest Chris Peltz talks about #ctem on @VulnWise . How do you determine what your mission critical priorities are, and how to use that data to get buy-in and reduce false positives so you can get your CTEM program off the ground. What are we trying to secure? Why are…
Guest Chris Peltz talks about #ctem on @VulnWise . How do you determine what your mission critical priorities are, and how to use that data to get buy-in and reduce false positives so you can get your CTEM program off the ground.
Chris Peltz talks about #ctem on the @VulnWise show, and why communicating business value is so important. How do you frame up your security data in the context of the business so you get the best outcomes.
On why implementing CTEM is not a product solution, vendor solution, or a magic quadrant. You reduce risk from exposures based on what matters to your business, and that is not a product feature; it is a paradigm.
Welcome to the VulnWise Show! In this episode, we dive deep into the world of Continuous Threat and Exposure Management (CTEM) with Chris Peltz from GuidePoint Security. Join hosts Steve Carter and Scott Kuffer as they explore CTEM’s transformative potential in exposure management. Chris shares insights on differentiating vulnerabilities from…