Establishing Defender Advantage w/ Cyentia Institute
00:00
00:00
1x
- 0.5
- 1
- 1.25
- 1.5
- 1.75
- 2
This is a podcast episode titled, Establishing Defender Advantage w/ Cyentia Institute. The summary for this episode is: <p>We tackle a hotly contested debate as old as cybersecurity itself: does releasing exploit code do more harm than good?</p>
Key Takeaways
Intros & Revealing Dr. Edward's Source Code
01:33 MIN
Picking Up Where Volume 6 Left Off
01:14 MIN
P2Pv7 Data Sources
04:24 MIN
TLDR: Results of 3 Hypothesis Tested
01:03 MIN
Public Exploit Code Existing Is What Matters
02:14 MIN
Hypothesis 1: Releasing Exploit Code Early Leads to Earlier Remediation
04:16 MIN
Hypothesis 1 Rejected
02:34 MIN
Hypothesis 2: Releasing Exploit Code Early Leads to Earlier Detection
05:32 MIN
New Idea Exploit Escrow Services
05:30 MIN
Hypothesis 3: Releasing Exploit Code Early Leads to Earlier Exploitation
02:47 MIN
Public Exploit Code Correlates to 15X Exploitation Activity
00:44 MIN
When Public Exploit Code Exists & It's An RCE = 30X Exploit Activity
01:01 MIN
Correlation & Impact to Coordinated Disclosure
03:48 MIN
Vendor Popularity & Exploitation Rates
05:55 MIN
Kenna's Unmagic Quadrant
04:44 MIN
Plotting Remediation vs. Exploit Activity for 24 Vendors
05:16 MIN
Go Home CVSS, You're Drunk
04:35 MIN
Attacker/Defender Advantage Per Vendor
02:20 MIN
Takeaways From Ed/Jay/Michael
08:51 MIN
DESCRIPTION
We tackle a hotly contested debate as old as cybersecurity itself: does releasing exploit code do more harm than good?
Today's Host
Dan Mellinger
|
Recent Episodes
Vulnerability Analysis and Visualization Using CVE(dot)ICU
Episode 14 | 05.26.2023
Why Hasn't Cybersecurity Been Automated?
Episode 13 | 02.16.2022
What To Look For In CVEs
Episode 12 | 02.02.2022
Measuring and Minimizing Exploitability w/ Cyentia Institute
Episode 12 | 01.19.2022
Exploit Prediction Scoring System - Now With Live Data
Episode 10 | 08.18.2021
How CIOs Get Things Done
Episode 8 | 05.26.2021