Month: April 2019

  • CVE and the matter of “unique” ID numbers

    CVE and the matter of “unique” ID numbers

    Common Vulnerability Enumeration, now known as Common Vulnerabilities and Exposures (CVE) is a vulnerability database (ignore their silly claim to be a ‘dictionary’) that the information security industry relies on heavily, unfortunately. Per MITRE’s CVE page, “CVE® is a list of entries—each containing an identification number, a description, and at least one public reference—for publicly…

  • Questions to Ask When Shopping for Threat Intelligence – Recorded Future Podcast

    Questions to Ask When Shopping for Threat Intelligence – Recorded Future Podcast

    On April 2, 2019, I was a guest on the Recorded Future podcast. The episode was titled “Questions to Ask When Shopping for Threat Intelligence”. The summary: “Our guest today is Brian Martin, vice president of vulnerability intelligence at Risk Based Security, a company that provides risk identification and security management tools leveraging their data-breach…