Security expert Zoë Rose beams aboard the Datanauts podcast to discuss the intricacies of vulnerability management, including how to asses risks, when and what to patch, the importance of input from multiple stakeholders, compensating controls, and more. The post Datanauts 167: Patch Now Or Later? The Delicate Art Of Vulnerability Management appeared first on Packet Pushers.
Somewhere in your network, there’s at least one exploitable vulnerability. Maybe it’s a really bad one. Maybe it’s not that bad.
Do you know what the vulnerability is? Do you have a way to explain to the business the risk it represents? Do you have a strategy to fix it or otherwise mitigate the risk?
Climb aboard with the Datanauts as we fly the good ship Vulnerability Management to Planet Security on today’s episode.
Our guest is Zoë Rose, an ethical hacker and cyber security consultant.
Zoë, Chris, and Ethan discuss:
* Setting a baseline on what we mean by vulnerabilities
* The value of the CVSS
* Different kinds of tools for finding vulnerabilities
* Assigning risk levels in your organization
* How risk levels should influence patching
* The use of compensating controls
* Whether it’s worth patching ephemeral containers
* More
Sponsor: Netrounds
Netrounds software performs active testing and monitoring to ensure your business-critical applications and services are running as expected. Get real-time insights for testing, troubleshooting, and SLA monitoring. Find out more at netrounds.com/packetpushers.
Show Links:
Zoë Rose on Twitter
Rose Security And Intelligence
Common Vulnerability Scoring System – Wikipedia