Making vulnerability management and incident response actually work. Also, the News! - Beck Norris, Ryan Fried, José Toledo - ESW #442

Making vulnerability management and incident response actually work. Also, the News! - Beck Norris, Ryan Fried, José Toledo - ESW #442

Author: Security Weekly Productions January 19, 2026 Duration: 1:43:26
Security Weekly Podcast Network (Video)
TechnologyNews

Segment 1 with Beck Norris - Making vulnerability management actually work

Vulnerability management is often treated as a tooling or patching problem, yet many organizations struggle to reduce real cyber risk despite heavy investment. In this episode, Beck Norris explains why effective vulnerability management starts with governance and risk context, depends on multiple interconnected security disciplines, and ultimately succeeds or fails based on accountability, metrics, and operational maturity.

Drawing from the aviation industry—one of the most regulated and safety-critical environments—Beck translates lessons that apply broadly across regulated and large-scale enterprises, including healthcare, financial services, and critical infrastructure.

Segment 2 with Ryan Fried and Jose Toledo - Making incident response actually work

Organizations statistically have decent to excellent spending on cybersecurity: they have what should be sufficient staff and some good tools. When they get hit with an attack, however, the response is often an unorganized, poorly communicated mess! What's going on here, why does this happen???

Not to worry. Ryan and José join us in this segment to offer some insight into why this happens and how to ensure it never happens again!

Segment Resources:

  • [Mandiant - Best practices for incident response planning]

(https://services.google.com/fh/files/misc/mandiantincidentresponsebestpractices_2025.pdf?linkId=19287933)

Segment 3 - Weekly Enterprise News

Finally, in the enterprise security news,

  1. Almost no funding…
  2. Oops, all acquisitions!
  3. Changes in how the US handles financial crimes and international hacking
  4. Mass scans looking for exposed LLMs
  5. The state of Prompt injection
  6. be careful with Chrome extensions
  7. and home electronics from unknown brands
  8. Is China done with the West?

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-442


Dive into the ever-evolving world of digital defense with the Security Weekly Podcast Network (Video). Produced by Security Weekly Productions, this network isn't a single perspective but a comprehensive hub where different facets of cybersecurity come into focus through distinct, dedicated shows. You'll find episodes from series like Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News, all curated in one feed. This structure means that whether you're analyzing code, shaping corporate policy, or managing infrastructure, there's relevant content for you. The discussions move beyond headlines, offering practical analysis and expert insights that help make sense of complex threats and solutions. By blending technology deep dives with timely news commentary, this video podcast provides a multi-dimensional view of the field, suitable for professionals who need to stay informed and enthusiasts curious about how security shapes our digital lives. It’s a consistent resource for anyone looking to understand not just what is happening in cybersecurity, but why it matters and how to respond.
Author: Language: English Episodes: 100

Official website RSS
instagramyoutubediscordlinkedinspotifygithub
Security Weekly Podcast Network (Video)
Podcast Episodes
Digging For Vulnerability Gold - PSW #909 [not-audio_url] [/not-audio_url]

Duration: 2:07:03
In the security news: KVMs are a hacker's dream Hacking an e-scooter Flipper Zero alternatives The best authentication bypass Pwning Claude Code ForiSIEM, vulnerabilities, and exploits Microsoft patches and Secure Boot f…
Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365 [not-audio_url] [/not-audio_url]

Duration: 53:33
Not all infosec advice is helpful. Bad advice wastes time, makes people less secure, and takes focus away from making software more secure. Bob Lord talks about his efforts to tamp down hacklore -- the security myths and…
No FlipperZeros Allowed - PSW #908 [not-audio_url] [/not-audio_url]

Duration: 2:05:29
This week in the security news: Supply chain attacks and XSS PS5 leaked keys Claude tips for security pros No Flipper Zeros allowed, or Raspberry PIs for that matter Kimwolf and your local network Linux is good now Remov…

«1...5678910»