The Defender's Advantage Podcast cover image

The Defender's Advantage Podcast

Busting the Myths of Vulnerability Management

May 16, 2018
17:09

FireEye Chief Intelligence Strategist, Christopher Porter had the
opportunity to speak with Jared Semrau, head of our Vulnerability and
Exploitation intelligence team. Jared discusses how his team gathers
information on new and existing exploitable bugs, combines that with
what FireEye knows from engagements and device detections, and how
they map that intelligence to known threat actors. There are a lot of
myths going around about how vulnerability management should be
handled and this discussion helped cut through a lot of that.

Listen to the podcast to join this conversation and to learn why
FireEye rates less than 0.01% of its vulnerabilities as critical,
compared to 10% of vulnerabilities being rated critical by public
sources. Jared did a great job explaining for me how this focus on
only the truly critical and exploitable vulnerabilities helps our
clients better utilize their limited threat hunting resources and keep
operational systems online as much as possible without unnecessary
out-of-cycle patching.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode