In this episode of the podcast (#233) Mark Stanislav, a Vice President at the firm Gemini, joins Paul to talk about what went wrong with disclosure of Log4Shell, the critical, remote code execution flaw in the Log4j open source library. Mark talks about how the Internet community can come together ahead of the next vulnerability to make sure the mistakes that are evident in the response to Log4j aren’t repeated.
In this episode of the podcast (#232), Tomislav Peričin of the firm ReversingLabs joins us to talk about Log4Shell, the vulnerability in the ubiquitous Log4j Apache library. Tomislav tells us why issues related to Log4j won’t be going away anytime soon and how organizations must adapt to deal with the risk it poses.
We talk with Casey Ellis, founder and CTO of BugCrowd about how the market for software bugs has changed since the first bug bounty programs emerged nearly 20 years ago, and what’s hot in bug hunting in 2021.
With the attention given to the threats posed by ransomware, why do organizations still fall victim to these attacks? Max Henderson, the Manager of Incident Response at Pondurance joins us to talk about what companies get wrong in responding to ransomware and other threats.
We speak with John Shegerian of ERI about his new book: “The Insecurity of Everything” and how our e-waste may be exposing sensitive data to other nations.