Podcasts

CSCP S4EP08 – Jay Jacobs – A Conversation with Jay Jacobs: Exploring the Future of Vulnerability Management and Data Science

CSCP S4EP08 – Jay Jacobs – A Conversation with Jay Jacobs: Exploring the Future of Vulnerability Management and Data Science

Phoenix Security
Phoenix Security
CSCP S4EP08 - Jay Jacobs - A Conversation with Jay Jacobs: Exploring the Future of Vulnerability Management and Data Science
Loading
/

CSCP S4EP08 – Jay Jacobs – A Conversation with Jay Jacobs: Exploring the Future of Vulnerability Management and Data Science

Phoenix Security
Phoenix Security
CSCP S4EP08 - Jay Jacobs - A Conversation with Jay Jacobs: Exploring the Future of Vulnerability Management and Data Science
Loading
/

Notes

Phoenix Security
Phoenix Security
CSCP S4EP08 - Jay Jacobs - A Conversation with Jay Jacobs: Exploring the Future of Vulnerability Management and Data Science
Loading
/

 

This is an enlighting conversation with Jay Jacobs  – Exploring the Future of Vulnerability Management and Data Science

Unlock the secrets of cybersecurity’s intricate dance with data science as I, Francesco Cipollone, sit down with tech wizard J Jacobs, co-founder of Cyanthia. Prepare to be captivated by J’s inspiring tech odyssey, from his youthful fascination with computing to his trailblazing efforts in quantifying cyber risk. We navigate his professional voyage, spanning IT, pen testing and cryptography, revealing how his deep dive into data science has revolutionized our approach to cyber threats. J also imparts his wisdom on the crucial role of statistics and key management in cryptography, offering priceless insights for anyone invested in fortifying their digital defenses.

 

The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the most important vulnerabilities and reduce your exposure to modern attacks. See it for yourself. Go to https://phoenix.security/request-a-demo/ for a free 14-day licence.

 

The journey of vulnerability assessment tools takes center stage as I recount the sophisticated evolution of the Exploit Prediction Scoring System (EPSS). From its humble beginnings as a logistic regression to becoming a powerful API, EPSS serves as a beacon for security professionals looking to quantify the once nebulous concept of risk. The discussion illuminates the delicate dance between utility and data privacy, the quest for a universal risk score, and the aspirational future of EPSS, incorporating additional variables to refine its predictive precision. Finally, J and I tackle the real-world implications of vulnerability management through the lens of EPSS.

We dissect the interplay between EPSS scores and CVSS ratings, using the Log4Shell incident to emphasize the critical need for broader threat intelligence. By acknowledging the system’s limitations and the nuances within open-source vulnerability analysis, we champion the importance of narrative in data interpretation. With a call to action, we invite the cybersecurity community to join forces, enhancing our collective defense through dialogue and open-source innovation.

 

Tune in to this enlightening episode to equip yourself with the knowledge and insights needed to navigate the evolving landscape of cybersecurity.

 

(03:41 – 04:47) Exploring Cryptography and Managing Key Security (66 Seconds)
(07:41 – 08:52) Epss (71 Seconds)
(11:46 – 12:56) The Beauty of EPSS and Application Security Angle (70 Seconds)
(18:02 – 19:16) Exploring EPSS Scores and Vulnerabilities (74 Seconds)
(25:27 – 27:09) EPSS and Its Challenges in AppSec (102 Seconds)
(31:03 – 32:04) Improving Scanning Tools and Analyzing Vulnerabilities (62 Seconds)

 

Jay Jacobs
Linkedin: https://www.linkedin.com/in/jayjacobs1/ 
Twitter: https://twitter.com/jayjacobs 
Cyentia: https://twitter.com/cyentiainst 
EPSS: https://www.first.org/epss/#:~:text=The%20Exploit%20Prediction%20Scoring%20System,be%20exploited%20in%20the%20wild
YL Profile: https://www.ylventures.com/people/caleb-sima/ 

 

Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
Linkedin: linkedin.com/in/fracipo 
#CSCP #cybermentoringmonday cybercloudpodcast.com 

 

Social Media Links 
Follow us on social media to get the latest episodes:
Website: http://www.cybercloudpodcast.com/
Linkedin: https://www.linkedin.com/company/35703565/admin/  

Twitter: https://twitter.com/podcast_cyber   

Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/ 
You can listen to this podcast on your favourite player:
Itunes: https://podcasts.apple.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463  

Spotify: https://open.spotify.com/show/3fg8AqP4vEi5Im8YKxazUQ 

 

#Cybersecurity, #ai, #cloud, #appsec

Podcast

Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.

Follow us on social media to get the latest episodes:

Discuss this podcast with our community on Slack

Join our AppSec Phoenix community on Slack to discuss this blog and other news with our professional security team

More episodes

Discover innovative strategies to overcome the cybersecurity talent shortage in this insightful episode with Jitendra Arora, CISO at Deloitte. Dive deep into discussions on talent sourcing, nurturing diverse skills, fostering positive work culture, and self-care in the high-stress field of cybersecurity. Featuring expert insights and practical advice, this episode is a must-watch for cybersecurity professionals and enthusiasts. #CybersecurityInsights
Generated by Feedzy

Jeevan Singh

Founder of Manicode Security

Jeevan Singh is the Director of Security Engineering at Rippling, with a background spanning various Engineering and Security leadership roles over the course of his career. He’s dedicated to the integration of security practices into software development, working to create a security-aware culture within organizations and imparting security best practices to the team.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

James Berthoty

Founder of Latio Tech

James Berthoty has over ten years of experience across product and security domains. He founded Latio Tech to help companies find the right security tools for their needs without vendor bias.

Christophe Parisel

Senior Cloud Security Architect

Senior Cloud Security Architect

Chris Romeo

Co-Founder
Security Journey

Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.

Jim Manico

Founder of Manicode Security

Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. Jim is also the founder of Brakeman Security, Inc. and an investor/advisor for Signal Sciences. He is the author of Iron-Clad Java: Building Secure Web Applications (McGraw-Hill), a frequent speaker on secure software practices, and a member of the JavaOne Rockstar speaker community. Jim is also a volunteer for and former board member of the OWASP foundation.

Join our Mailing list!

Get all the latest news, exclusive deals, and feature updates.