Chris Hughes, Author of Effective Vulnerability Management
Unsolicited Response
English - May 15, 2024 18:37 - 43 minutes - 43.7 MB - ★★★★★ - 12 ratingsTechnology iiot dalepeterson digitalbond icssecurity scadahacking scadasecurity Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Chris Hughes and Nikki Robinson recently wrote the book Effective Vulnerability Management. Dale and Chris discuss the topic and book including:
The definition and scope of vulnerabilities. It’s much more than coding errors that need patches.
Are ICS protocols lacking authentication “vulnerabilities”
The reality that most organizations have 100’s of thousands of unpatched vulnerabilities. Some statistics and will this change.
Ways to prioritize what vulnerabilities you address.
The SSVC decision tree approach that was introduced at S4 as Never, Next, Now
Tooling … vulnerability management, software configuration, ticketing, remediation.
And much more.
Links:
Effective Vulnerability Management, https://www.amazon.com/Effective-Vulnerability-Management-Vulnerable-Ecosystem/dp/1394221207/
Dale’s ICS-Patch Decision Tree, https://dale-peterson.com/wp-content/uploads/2020/10/ICS-Patch-0_1.pdf