Created with Sketch.
28 minutes | Jan 4, 2021
Episode 31: Cisco Security Outcomes Study
Wade and Ben give Jay a "behind the scenes" look at the survey creation, collection, analysis and all the other work that went into the Cisco Security Outcomes Study that was released early December, 2020. https://blogs.cisco.com/security/introducing-the-new-cisco-security-outcomes-study
23 minutes | Dec 17, 2020
Episode 30: Talking Vulnerability Management
Jay, Wade, David and Ben get a little philosophical as they talk about vulnerability management and the new research included in Kenna's latest volume of the Prioritization to Prediction series. That research looks at the timeline and lifecycle of vulnerabilities, how quickly do patches come out? how quickly are CVEs published? when do vulnerability scanners start reporting and when do organizations start patching? All volumes (including the 6th volume discussed here) can be retrieved from https://www.kennasecurity.com/resources/prioritization-to-prediction-reports/
21 minutes | Dec 7, 2020
Episode 29: Extreme Security Events: IRIS Xtreme
David, Jay, Ben and Wade discuss their recent research into extreme security events made possible by Visible Risk. The group discusses the takeaways and the various elements that stood out from the research. The research is freely available at https://www.cyentia.com/iris/
26 minutes | Nov 30, 2020
Episode 28: 2020 State of Software Security
Chris Eng joins David, Ben and Jay to talk about Volume 11 of Veracode's State of Software Security. But rather than focusing on the various statistics, they focused on time-to-fix and how the various attributes of the development teams, applications and development environments affect the remediation timelines. https://www.veracode.com/state-of-software-security-report
12 minutes | Oct 9, 2020
Episode 27: The Meaning of Unsafe Services
In this "PhD Edition" of the Cyentia Podcast, Wade and Ben discuss recently published research examining the significance of companies exposing unsafe services to the Internet.
28 minutes | Sep 14, 2020
Episode 26: Library Update, Early September 2020
Our regular library update covering recent additions including cybersecurity research from the ITU, Sonatype Tenable, and more. This is the audiobook companion to our regular library update newsletter. For the newsletter sign up at https://bit.ly/cyentialibrary. As always, you can find the library at https://library.cyentia.com.
24 minutes | Aug 24, 2020
Episode 25: Library Update, August 2020
Our regular library update covering recent additions including research from the ITU, Sonatype Tenable, and more. This is the audiobook companion to our regular library update newsletter. For the newsletter sign up at https://bit.ly/cyentialibrary. As always, you can find the library at https://library.cyentia.com.
23 minutes | Jul 22, 2020
Episode 24: Library Update, Mid July 2020
Our regular library update covering recent additions including research from Crypsis, RiskRecon, IBM, and more. This is the audiobook companion to our regular library update newsletter. For the newsletter sign up at https://bit.ly/cyentialibrary. As always, you can find the library at https://library.cyentia.com.
27 minutes | Jul 7, 2020
Episode 23: Library Update, Late June 2020
Our first library update covering recent additions including research from Hacker One and Bugcrowd, ESI Thoughtlab, Audit Analytics, Hiscox and Snyk. This is the audiobook version of what we share in the library newsletter.For the newsletter sign up at https://bit.ly/cyentialibrary. As always, you can find the library at https://library.cyentia.com.
19 minutes | Jun 22, 2020
Episode 22: Cyentia Library Launched!
The Cyentia Library has been overhauled and the new and improved library has been released at https://library.cyentia.com/. David has done quite a bit of work on the back end (and front end) to get this working and he's joined by Ben, Wade and Jay to talk about all about the new library site. When visiting the Cyentia Library, be sure to sign up for the Library newsletter, a low-volume (estimated at once every two weeks) series of updates highlighting new content and features of the library, delivered direct to your inbox!
27 minutes | Jun 18, 2020
Episode 21: State of Open Source Software Security
Ben, Jay, David and Wade discuss the state of Open Source Software Security and focus on recent research we helped produce with Veracode. The report is available from Veracode at https://info.veracode.com/report-state-of-software-security-open-source-edition.html
52 minutes | Jan 21, 2020
Episode 20: Daniel Woods
Jay and Ben are joined by Daniel Woods. Daniel is a postdoctoral researcher at the University of Innsbruck in Austria. He received his doctorate titled “The Economics of Cyber Risk Transfer” from the Department of Computer Science at the University of Oxford. During his PhD, he visited the Security Economics Lab at the University of Tulsa as a Fulbright Scholar, and completed an internship with Willis Towers Watson. We discuss three papers from Daniel: Does insurance have a future in governing cybersecurity? The County Fair Cyber Loss Distribution: Drawing Inferences from Insurance Prices Cyber warranties: market fix or marketing trick?
25 minutes | Dec 30, 2019
Episode 19: Ripples Across the Risk Surface
We recently released some research with Risk Recon looking at the "ripple effect" of security incidents. David, Wade, Ben and Jay talk about the behind-the-scenes work and our favorite parts of the research. Get a copy of the research from https://www.riskrecon.com/ripples-across-the-risk-surface.
25 minutes | Dec 12, 2019
Episode 18: Veracode SOSS Vol 10
Jay, Wade, Ben and David come together to talk about Veracode's State of Software Security report Volume 10. It can be found at Veracode's website: https://www.veracode.com/state-of-software-security-report
36 minutes | Nov 25, 2019
Episode 17: Exploit Prediction Scoring System
Jay, Ben and David talk about the Vegas summer conferences and the Exploit Prediction Scoring System announced at Blackhat 2019. https://www.blackhat.com/us-19/briefings/schedule/index.html#predictive-vulnerability-scoring-system-16147
29 minutes | Jul 30, 2019
Episode 16: Welcome David/Blackhat 2019
We welcome David Severski to both Cyentia and the podcast and discuss his outlook on security. Then we turn towards Blackhat 2019 where we have five events we are participating in! Find the full list of events we are doing at https://www.cyentia.com/events/
49 minutes | May 31, 2019
Episode 15: Behind the 2019 Verizon DBIR
Jay and Wade are joined by Alex Pinto, Dave Hylender, Gabriel Basset and Suzanne Widup, the authors behind the 2019 Verizon Data Breach Investigations Report.
32 minutes | May 9, 2019
Episode 14: Vendor-Driven Research
Jay, Wade and Ben talk vendor-driven research, exploring alternatives and beginning the discussion on what makes a good research publication (it'll be a longer discussion than this podcast!)
38 minutes | Apr 16, 2019
Episode 13: Welcome Ben
Ben Edwards recently joined Cyentia, and joins Jay and Wade on his first podcast. They talk about research for RiskRecon briefly discuss Ternary plots and heirarchical models (the research will be out soon). They also cover the Prioritization to Prediction Volume 3 research recently released in partnership with Kenna Security.
46 minutes | Jan 2, 2019
Episode 12: Dr. Andrew Coburn
Dr. Andrew Coburn join Jay and Wade to talk about catastrophe modeling in security and his book “Solving Cyber Security: Protecting Your Company and Society”.
Terms of Service
Do Not Sell My Personal Information
© Stitcher 2021