Podbean logo
  • Discover
  • Podcast Features
    • Podcast Hosting

      Start your podcast with all the features you need.
    • Podbean AI Podbean AI

      AI-Enhanced Audio Quality and Content Generation.
    • Blog to Podcast

      Repurpose your blog into an engaging podcast.
    • Video to Podcast

      Convert YouTube playlists to podcasts, videos to audios.
  • Monetization
    • Ads Marketplace

      Join Ads Marketplace to earn through podcast sponsorships.
    • PodAds

      Manage your ads with dynamic ad insertion capability.
    • Apple Podcasts Subscriptions Integration

      Monetize with Apple Podcasts Subscriptions via Podbean.
    • Live Streaming

      Earn rewards and recurring income from Fan Club membership.
  • Podbean App
    • Podcast Studio

      Easy-to-use audio recorder app.
    • Podcast App

      The best podcast player & podcast app.
  • Help and Support
    • Help Center

      Get the answers and support you need.
    • Podbean Academy

      Resources and guides to launch, grow, and monetize podcast.
    • Podbean Blog

      Stay updated with the latest podcasting tips and trends.
    • What’s New

      Check out our newest and recently released features!
    • Podcasting Smarter

      Podcast interviews, best practices, and helpful tips.
  • Popular Topics
    • How to Start a Podcast

      The step-by-step guide to start your own podcast.
    • How to Start a Live Podcast

      Create the best live podcast and engage your audience.
    • How to Monetize a Podcast

      Tips on making the decision to monetize your podcast.
    • How to Promote Your Podcast

      The best ways to get more eyes and ears on your podcast.

    • Podcast Advertising 101

      Everything you need to know about podcast advertising.
    • Mobile Podcast Recording Guide

      The ultimate guide to recording a podcast on your phone.
    • How to Use Group Recording

      Steps to set up and use group recording in the Podbean app.
  • All Arts Business Comedy Education
  • Fiction Government Health & Fitness History Kids & Family
  • Leisure Music News Religion & Spirituality Science
  • Society & Culture Sports Technology True Crime TV & Film
  • Live
  • How to Start a Podcast
  • How to Start a Live Podcast
  • How to Monetize a podcast
  • How to Promote Your Podcast
  • How to Use Group Recording
  • Log in
  • Start your podcast for free
  • Podcasting
    • Podcast Features
      • Podcast Hosting

        Start your podcast with all the features you need.
      • Podbean AI Podbean AI

        AI-Enhanced Audio Quality and Content Generation.
      • Blog to Podcast

        Repurpose your blog into an engaging podcast.
      • Video to Podcast

        Convert YouTube playlists to podcasts, videos to audios.
    • Monetization
      • Ads Marketplace

        Join Ads Marketplace to earn through podcast sponsorships.
      • PodAds

        Manage your ads with dynamic ad insertion capability.
      • Apple Podcasts Subscriptions Integration

        Monetize with Apple Podcasts Subscriptions via Podbean.
      • Live Streaming

        Earn rewards and recurring income from Fan Club membership.
    • Podbean App
      • Podcast Studio

        Easy-to-use audio recorder app.
      • Podcast App

        The best podcast player & podcast app.
  • Advertisers
  • Enterprise
  • Pricing
  • Resources
    • Help and Support
      • Help Center

        Get the answers and support you need.
      • Podbean Academy

        Resources and guides to launch, grow, and monetize podcast.
      • Podbean Blog

        Stay updated with the latest podcasting tips and trends.
      • What’s New

        Check out our newest and recently released features!
      • Podcasting Smarter

        Podcast interviews, best practices, and helpful tips.
    • Popular Topics
      • How to Start a Podcast

        The step-by-step guide to start your own podcast.
      • How to Start a Live Podcast

        Create the best live podcast and engage your audience.
      • How to Monetize a Podcast

        Tips on making the decision to monetize your podcast.
      • How to Promote Your Podcast

        The best ways to get more eyes and ears on your podcast.

      • Podcast Advertising 101

        Everything you need to know about podcast advertising.
      • Mobile Podcast Recording Guide

        The ultimate guide to recording a podcast on your phone.
      • How to Use Group Recording

        Steps to set up and use group recording in the Podbean app.
  • Discover
    • Log in
    Sign up free
CISO Tradecraft®

CISO Tradecraft®

Technology

#173 - Mastering Vulnerability Management

#173 - Mastering Vulnerability Management

2024-03-18
Download

In this episode of CISO Tradecraft, host G Mark Hardy delves into the critical subject of vulnerability management for cybersecurity leaders. The discussion begins with defining the scope and importance of vulnerability management, referencing Park Foreman's comprehensive approach beyond mere patching, to include identification, classification, prioritization, remediation, and mitigation of software vulnerabilities. Hardy emphasizes the necessity of a strategic vulnerability management program to prevent exploitations by bad actors, illustrating how vulnerabilities are exploited using tools like ExploitDB, Metasploit, and Shodan. He advises on deploying a variety of scanning tools to uncover different types of vulnerabilities across operating systems, middleware applications, and application libraries. Highlighting the importance of prioritization, Hardy suggests focusing on internet-facing and high-severity vulnerabilities first and discusses establishing service level agreements for timely patching. He also covers optimizing the patching process, the significance of accurate metrics in measuring program effectiveness, and the power of gamification and executive buy-in to enhance security culture. To augment the listener's knowledge and toolkit, Hardy recommends further resources, including OWASP TASM and books on effective vulnerability management.

Transcripts: https://docs.google.com/document/d/13P8KsbTOZ6b7A7HDngk9Ek9FcS1JpQij

OWASP Threat and Safeguard Matrix - https://owasp.org/www-project-threat-and-safeguard-matrix/

Effective Vulnerability Management - https://www.amazon.com/Effective-Vulnerability-Management-Vulnerable-Ecosystem/dp/1394221207

Chapters

  • 00:00 Introduction
  • 00:56 Understanding Vulnerability Management
  • 02:15 How Bad Actors Exploit Vulnerabilities
  • 04:26 Building a Comprehensive Vulnerability Management Program
  • 08:10 Prioritizing and Remediation of Vulnerabilities
  • 13:09 Optimizing the Patching Process
  • 15:28 Measuring and Improving Vulnerability Management Effectiveness
  • 18:28 Gamifying Vulnerability Management for Better Results
  • 20:38 Securing Executive Buy-In for Enhanced Security
  • 21:15 Conclusion and Further Resources
view more

More Episodes

#139 - Insider Threat Operations (with Jim Lawler)
2023-07-24
#138 - Updating the Mindmap (with Rafeeq Rehman)
2023-07-17
#137 - 1% Better Leadership (with Andy Ellis)
2023-07-10
#136 - From Hacking to Hardcover (with Bill Pollock)
2023-07-03
#135 - Board Decks (with Demetrios Lazarikos)
2023-06-26
#134 - Ransomware Response (with Ricoh Danielson)
2023-06-19
#133 - The Seesaw of Cyber Recruiting (with Lee Kushner)
2023-06-12
#132 - Founding to Funding (with Cyndi and Ron Gula)
2023-06-05
#131 - Framing Executive Discussions
2023-05-29
#130 - Financial Planning (with Logan Jackson)
2023-05-22
#129 - Protecting Your Family
2023-05-15
#128 - How do CISOs spend their time?
2023-05-08
#127 - How to Stop Bad Guys from Staying on Your Network (with Kevin Fiscus)
2023-05-01
#126 - ChatGPT & Generative AI (with Konstantinos Sgantzos)
2023-04-24
#125 - Cyber Ranges (with Debbie Gordon)
2023-04-17
#124 - Simple, Easy, & Cheap Cybersecurity Measures (with Brent Deterding)
2023-04-10
#123 - Accepted Cyber Strategy (with Branden Newman)
2023-04-03
#122 - Methodologies for Analysis (with Christopher Crowley)
2023-03-27
#121 - Legal Questions (with Evan Wolff)
2023-03-20
#120 - Negotiating Your Best CISO Package (with Michael Piacente)
2023-03-13
  • ←
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • →
012345678910111213141516171819

Get this podcast on your
phone, FREE

Download Podbean app on App Store Download Podbean app on Google Play

Create your
podcast in
minutes

  • Full-featured podcast site
  • Unlimited storage and bandwidth
  • Comprehensive podcast stats
  • Distribute to Apple Podcasts, Spotify, and more
  • Make money with your podcast
Get started

It is Free

  • Podcast Services

    • Podcast Features
    • Pricing
    • Enterprise Solution
    • Private Podcast
    • The Podcast App
    • Live Stream
    • Audio Recorder
    • Remote Recording
    • Podbean AI
  •  
    • Create a Podcast
    • Video Podcast
    • Start Podcasting
    • Start Radio Talk Show
    • Education Podcast
    • Church Podcast
    • Nonprofit Podcast
    • Get Sermons Online
    • Free Audiobooks

  • MONETIZATION & MORE

    • Podcast Advertising
    • Dynamic Ads Insertion
    • Apple Podcasts Subscriptions
    • Switch to Podbean
    • YouTube to Podcast
    • Blog to Podcast
    • Submit Your Podcast
    • Podbean Plugins
    • Developers

  • KNOWLEDGE BASE

    • How to Start a Podcast
    • How to Start a Live Podcast
    • How to Monetize a Podcast
    • How to Promote Your Podcast
    • Mobile Podcast Recording Guide
    • How to Use Group Recording
    • Podcast Advertising 101

  • Support

    • Support Center
    • What’s New
    • Free Webinars
    • Podcast Events
    • Podbean Academy
    • Podcasting Smarter
    • Badges
    • Resources

  • Podbean

    • About Us
    • Podbean Blog
    • Careers
    • Press and Media
    • Green Initiative
    • Affiliate Program
    • Contact Us
  • Privacy Policy
  • Cookie Policy
  • Terms of Use
  • Consent Preferences
  • Copyright © 2015-2025 Podbean.com