Moshe Zioni of Apiiro talks about threat research and how to properly report discovered code vulnerabilities. We discuss the ways that vulnerabilities can find their way into code despite your best intentions, the difference between full disclosure and responsible disclosure, and being in the last generation to still grow up before the internet changed everything.

– Free cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Cybersecurity threat research 
2:21 - Getting interested in computers
3:25 - Penetration testing and threat research 
6:15 - Code vulnerabilities 
10:58 - Research process for vulnerabilities 
17:05 - Proper reporting of threats
23:11 - Full disclosure vs proper disclosure
25:53 - Current security threats
30:20 - Day-to-day work of security researchers 
32:02 - Tips for working in pentesting 
35:32 - What is Apiiro?
39:11 - Learn more about Moshe Zioni 
39:42 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.