When Application Vulnerabilities Are First Reported on Social Media: Strategies and Recommendations

The U.S. Department of Energy’s Pacific Northwest National Laboratory reports that one-quarter of software vulnerabilities appear on social media sites—GitHub, Twitter, and Reddit—before they are logged in the National Vulnerability Database. Cybersecurity professionals aren’t the only ones to notice; cyber criminals are busy exploiting this gap. Should professionals tasked with application security be using social media to identify software vulnerabilities? Or is there a better way? In this podcast interview, Contrast Security’s Director of Developer Relations Erik Costlow discusses what challenges this presents to security and development teams and what strategies they can employ to ensure their newly uncovered vulnerabilities are not caught in the crosshairs of cyber criminals.

About the Podcast

Contrast Security provides the industry’s only DevOps-Native AppSec Platform using instrumentation to continuously analyze and protect software from within the application. This enables businesses to see more of the risks in their software, with fewer development delays and less AppSec complexity. The Contrast platform integrates seamlessly into development pipelines, enabling easier security bug and vulnerability fixes that significantly speed release cycles. The Contrast Inside AppSec Podcast features informative, engaging interviews with security, development, and business leaders on application security trends and innovation. Visit Contrast Security at contrastsecurity.com.