We Speak CVE Podcast — “Swimming in Vulns (or, Fun with CVE Data Analysis)”
The “We Speak CVE” podcast focuses on cybersecurity, vulnerability management, and the CVE Program.
Host Shannon Sabens of CrowdStrike chats with Benjamin Edwards and Sander Vinberg, both of Bitsight, about analyzing vulnerability data in the CVE List. This is a follow-on to their “CVE Is The Worst Vulnerability Framework (Except For All The Others)” talk at CVE/FIRST VulnCon 2024.
Topics discussed include the types of vulnerabilities and vulnerability intelligence they reviewed and the different ways they approached the data; how CVE is a really good framework for compiling information about, and communicating effectively about, vulnerabilities; how increasing the number of CVE Numbering Authorities (CNAs) through federation has improved the quantity and quality of data produced by the program over time; how the overall quality of CVE List data improves for the entire vulnerability management ecosystem when CNAs include CVSS, CWE, CPE, etc., information when their CVE Records are published; and much, much, more!
The “We Speak CVE” podcast is available for free on the CVE Program Channel on YouTube, on the We Speak CVE page on Buzzsprout, and on major podcast directories such as Spotify, Stitcher, Apple Podcasts, iHeartRadio, Podcast Addict, Podchaser, Pocket Casts, Deezer, Listen Notes, Player FM, and Podcast Index, among others.
Please give the podcast a listen and let us know what you think!