Vulnerabilities, CVEs and the attack surface

Listen as Stephen Pritchard, security and technology journalist at Security Insights, talks with Tod Beardsley, VP of Security Research at runZero, about vulnerabilities, CVEs, and the attack surface.

About the episode

The way we measure security threats is changing. As security has become a board-level priority, cybersecurity teams need to think in terms of risk.

But where does that leave vulnerability scores? Are venerable systems such as CVSS, and the CVEs that underpin them, still relevant?

Or could a focus on vulnerability scores be a distraction from the real threats?

The truth, as ever, lies somewhere in between. Vulnerability scores are still a very useful way of categorising risks within an application, and sharing that information. What they cannot do is map those exploits to an organisation’s network, or their own workflows, security measures or even, their business priorities.

That, though, is the CISO’s job. And, as our guest for this episode points out, today’s much more expansive and flexible networks really demand a cultural shift in how we think about the attack surface, and how we defend it.

Meet Our Speakers

todb

Vice President of Security Research

Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Resources

Podcasts
Microsoft tried to get me fired weekly — Adventures of Alice & Bob with HD Moore
James Maude and Marc Maiffret (Adventures of Alice & Bob Podcast) sit down with cybersecurity pioneer HD Moore, the legendary founder of the...
Podcasts
Understanding vulnerabilities, exploits, and cybersecurity (CISO Tradecraft)
CISO Tradecraft dives into the latest in cybersecurity vulnerabilities, exploits, and defense strategies with experts from VulnCheck and runZero.
Podcasts
Disruption is coming for the vulnerability management market (Enterprise Security Weekly Podcast)
Legacy vulnerability management (VM) hasn't innovated alongside of attackers, and it shows. Tod Beardsley sits down with Security Weekly to talk...
Podcasts
Risky Business Soap Box - runZero shakes up vulnerability management
In this sponsored Soap Box edition of the Risky Business podcast, HD Moore joins the show to talk about runZero’s major push into vulnerability...

See Results in Minutes

See & secure your total attack surface. Even the unknowns & unmanageable.