March 31, 2022

Handling a NewVuln: Log4Shell

Note: Verizon Media is now known as Yahoo.

Paranoids Podcast on a phone with headphones

In our second podcast covering the Paranoids’ approach to remediating the Log4Shell vulnerability, Steven Asifo talks to Sadiah Choudhry and Lisa Hulen — who work inside Yahoo’s Vulnerability Management team responsible for handling newly disclosed security vulnerabilities.

They discuss:

The Elements of Vulnerability Management (2.46)
Defining a NewVuln (4:40)
What’s an S-Bug?! (12:15)
Responding to an Unprecedented Event (15:31)
A Companywide Culture of Collaboration (19:03)
Big Takeaways (26:28)

Host: Steven Asifo (Technical Security Manager, Governance, Risk, and Compliance)

Guests: Sadiah Choudhry (Technical Security Manager, Vulnerability and Control Operations Team) and Lisa Hulen (Vulnerability Management Lead)

Handling a NewVuln: Log4Shell

More from the Paranoids

Making Red Teaming Easier: ASHIRT, An Open Source Tool For Operators

Scaling Up Supply Chain Security: Implementing Sigstore for Seamless Container Image Signing

Suddenly a CISO?! Four Pieces of Transitional Advice

More from the Paranoids

Making Red Teaming Easier: ASHIRT, An Open Source Tool For Operators

Scaling Up Supply Chain Security: Implementing Sigstore for Seamless Container Image Signing

Suddenly a CISO?! Four Pieces of Transitional Advice