Should we even care about vulnerability severity scores?
Listen now
Description
Everyone fears the dreaded 10-out-of-10 CVSS severity score on a vulnerability with "critical" written somewhere on the advisory. But does that number even matter to an attacker or hypothetical defender? Matt, Mitch and Lurene discuss the various ways the security community classifies vulnerabilities and how potential targets can use that information to their advantage. They discuss patching strategies, potential security holes that attackers look for and real-world cases of vulnerabilities that have led to breaches or cyber attacks.
Other suggested talking points:
Band jam sessionsConference season getting underwayWhether Tom Petty's music is actually complex
More Episodes
Power grid security expert Joe Marshall joins the crew today to talk all things, well, power grid security. But not before he gets an impromptu pop quiz from Matt in the roundtable.
Joe then tells some stories from his days working in electric utility, deploying new systems and his experiences...
Published 04/11/24
Published 04/11/24
Matt, Mitch and Lurene discuss if the internet is better or worse today than it was 20 years ago. This leads them to discuss their various career paths, with Lurene talking about how she got into vulnerability exploitation and how Matt got into threat intelligence. And why neither of those paths...
Published 03/21/24
Artwork or description wrong?
Request an update »
Updates may take a few minutes.
Do you host a podcast?
Track your ranks and reviews from Spotify, Apple Podcasts and more.
See hourly chart positions and more than 30 days of history.
Get Chartable Analytics »
See hourly chart positions and more than 30 days of history.
