Artwork

Konten disediakan oleh Security Weekly Productions. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Security Weekly Productions atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang dijelaskan di sini https://id.player.fm/legal.
Player FM - Aplikasi Podcast
Offline dengan aplikasi Player FM !

Vulnerability Management is Dead! - Rickard Carlsson - ESW #257

36:06
 
Bagikan
 

Manage episode 318189172 series 1161049
Konten disediakan oleh Security Weekly Productions. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Security Weekly Productions atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang dijelaskan di sini https://id.player.fm/legal.

Modern tech stacks are becoming increasingly complex puzzles of components built in-house and sourced from third-party vendors. With DNS at the center of the infrastructure, and staging and production being sometimes just minutes apart, scanning for CVEs is not enough to stay on top of web threats. There are lots of critical things traditional app scanners won’t catch, like dangling DNS records, subdomain takeover and open S3 buckets. To keep their growing attack surface secure, companies need to combine crowdsourced vulnerability detection with solutions that detect outliers and anomalies in their software - before these become an attack vector. In this episode we’ll discuss:

- Why hunting for vulnerabilities is no longer enough to stay on top of threats

- Vulnerability Management vs Attack Surface Management

- How security teams can adapt their vulnerability management process to modern dev cycles.

Segment Resources:

More insights on how to secure your external attack surface: https://detectify.com/resources

Free trial of Detectify's attack surface management solutions: https://detectify.com/product/surface-monitoring

https://detectify.com/product/application-scanning

This segment is sponsored by Detectify. Visit https://securityweekly.com/detectify to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw257

  continue reading

937 episode

Artwork
iconBagikan
 
Manage episode 318189172 series 1161049
Konten disediakan oleh Security Weekly Productions. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Security Weekly Productions atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang dijelaskan di sini https://id.player.fm/legal.

Modern tech stacks are becoming increasingly complex puzzles of components built in-house and sourced from third-party vendors. With DNS at the center of the infrastructure, and staging and production being sometimes just minutes apart, scanning for CVEs is not enough to stay on top of web threats. There are lots of critical things traditional app scanners won’t catch, like dangling DNS records, subdomain takeover and open S3 buckets. To keep their growing attack surface secure, companies need to combine crowdsourced vulnerability detection with solutions that detect outliers and anomalies in their software - before these become an attack vector. In this episode we’ll discuss:

- Why hunting for vulnerabilities is no longer enough to stay on top of threats

- Vulnerability Management vs Attack Surface Management

- How security teams can adapt their vulnerability management process to modern dev cycles.

Segment Resources:

More insights on how to secure your external attack surface: https://detectify.com/resources

Free trial of Detectify's attack surface management solutions: https://detectify.com/product/surface-monitoring

https://detectify.com/product/application-scanning

This segment is sponsored by Detectify. Visit https://securityweekly.com/detectify to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw257

  continue reading

937 episode

Semua episode

×
 
Loading …

Selamat datang di Player FM!

Player FM memindai web untuk mencari podcast berkualitas tinggi untuk Anda nikmati saat ini. Ini adalah aplikasi podcast terbaik dan bekerja untuk Android, iPhone, dan web. Daftar untuk menyinkronkan langganan di seluruh perangkat.

 

Panduan Referensi Cepat