032. An Intro: Vulnerability Management

What does vulnerability management mean to you? How do you deal with these issues and track this information? Our Technical Director, Holly Grace Williams, discusses the process of pulling together vulnerability information and how certain industry scoring systems for vulnerabilities can be misleading.

Key points:
0’43 Keeping track of vulnerability information
3’30 Vulnerability aggregation
6’10 Scoring vulnerabilities with CVSS
12’45 ‘High risk’ can mean different things
19’25 Grouping assets into services
27’52 Reporting vulnerabilities to the board
29’24 Tracking vulnerability recurrence

We’d love to hear how you’re tracking vulnerability information. Let us know on social via Twitter or LinkedIn!

Useful links:
Common Vulnerability Scoring Systems version 3.1 - https://www.first.org/cvss/calculator/3.1
OWASP Top 10 - https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

Download on iTunes: apple.co/2Ji61Ek
Listening time: 36 minutes
Hosted by: Holly Grace Williams, Technical Director at Secarma

About the Podcast

Hacked Off demystifies the world of cybersecurity. Hosted by Secarma's Managing Director, Holly Grace Williams, it features weekly interviews delving beneath the headlines of the latest hacks, breaches and vulnerabilities, providing expert advice on how to stay safe online. This podcast is brought to you by global cybersecurity and penetration testing company, Secarma.