March 31, 2022

Handling a NewVuln: Log4Shell

Note: Verizon Media is now known as Yahoo.

Paranoids Podcast on a phone with headphones

In our second podcast covering the Paranoids’ approach to remediating the Log4Shell vulnerability, Steven Asifo talks to Sadiah Choudhry and Lisa Hulen — who work inside Yahoo’s Vulnerability Management team responsible for handling newly disclosed security vulnerabilities. 

They discuss: 

  • The Elements of Vulnerability Management (2.46)
  • Defining a NewVuln (4:40)
  • What’s an S-Bug?! (12:15)
  • Responding to an Unprecedented Event (15:31)
  • A Companywide Culture of Collaboration (19:03)
  • Big Takeaways (26:28)

Host: Steven Asifo (Technical Security Manager, Governance, Risk, and Compliance)

Guests:  Sadiah Choudhry (Technical Security Manager, Vulnerability and Control Operations Team) and Lisa Hulen (Vulnerability Management Lead)