Special thanks to Jeff Gouge for sharing his thoughts on consolidating vulnerability management. We also thank our sponsor Nucleus Security for supporting this episode.
Consistently tracking and prioritizing vulnerabilities is a difficult problem. This episode talks about it in detail and helps you increase your understanding in:
- Various application security scanning tools (SAST, DAST, SCA, Container, IoT, Secret Scanners, Cloud Security Scans, ...) and why companies need so many
- How CVSS base scores are actually calculated so you can understand its strengths and weaknesses
- How Threat Intelligence Data improves CVSS scoring
- Learning about the Stakeholder-Specific Vulnerability Categorization Guide (SSVC)
Note a Full Transcript of this podcast can be found here: