Paul's Security Weekly Subscribe

Vulnerability Management, Penetration Testing, Automated penetration testing

Do We Need Penetration Testing and Vulnerability Scanning? – Adrian Sanabria, Josh Bressers – PSW #833

June 26, 2024

This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate!

Full episode and show notes

Announcements

Stay up-to-date with us on X (formerly known as Twitter) for the latest show clips and updates! Find us @SecWeekly and stay connected with our cybersecurity community.

Guests

Adrian Sanabria

Principal Researcher at The Defenders Initiative

https://adriansanabria.com

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Vice President of Security at Anchore

Josh Bressers is the Vice President of Security at Anchore. Josh has helped build and manage product security teams for open source projects as well as several organizations. Everything from managing dependencies, vulnerabilities, security development lifecycle, DevSecOps, security product management, security strategy, and nearly any other task that falls under the security umbrella. Josh co-hosts the Open Source Security Podcast and the Hacker History Podcast. He also is the co-founder of the Global Security Database project to bring vulnerability identification into the modern age.

Hosts

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

Sr. InfoSec Consultant at Online Business Sytems

https://www.obsglobal.com/

Executive Director at Guardedrisk

Brainstem Hacker and InfoSec Enthusiast at Redacted

@survivatrix#0613

Related

Vulnerability Management

Fortinet, Palo Alto, VMWare – PSW #852

November 20, 2024

Fast cars kill people, Apple 0-Days, memory safety, poisoning the well, babble babble and malware that tries really hard to be stealthy, Palto Alto and Fortinet have some serious new vulnerabilities, open-source isn't free, but neither is commercial software, get on the TPM bus, find URLs with stealth, stealing credentials with more Palto Alto and ...

Vulnerability Management

Google DeGoogled, Hammerbarn, Blofeld, VMWare, DeepData, SafePay, Josh Marpet and… – SWN #432

November 19, 2024

Google DeGoogled, Hammerbarn, Blofeld, VMWare, DeepData, SafePay, Josh Marpet and more on the Security Weekly News.

Industry Regulations

Similarities Between SOX And SEC’s Cyber Rule – Padraic O’Reilly – BSW #373

November 18, 2024

The Sarbanes-Oxley (SOX) Act was a watershed moment in corporate governance, fundamentally altering how companies approached financial reporting and internal operational controls. By holding executives personally accountable for the accuracy of financial reports, SOX restored investor confidence in the wake of corporate malfeasance. The SEC's new...