All Episodes
Displaying 61 - 80 of 130 in total
Episode 61: Passive vs. Active Vulnerability Detection
Not all scanning involves direct interaction. In this episode, we explore the differences between passive and active vulnerability detection techniques. You'll learn h...
Episode 62: Static vs. Dynamic Analysis Techniques
Some vulnerabilities are embedded in code—others appear only at runtime. In this episode, we unpack the distinction between static and dynamic vulnerability analysis. ...
Episode 63: Scanning Critical Infrastructure Systems (OT/ICS/SCADA)
Operational technology (OT) environments—such as industrial control systems (ICS) and SCADA platforms—pose unique challenges for vulnerability management. In this epis...
Episode 64: Security Baseline Scanning Techniques
Before you can identify deviations, you need a baseline. This episode focuses on how security baseline scans compare systems and configurations against established sec...
Episode 65: Industry Frameworks for Vulnerability Management
Many vulnerability scanning strategies are guided by established frameworks. In this episode, we break down the most widely recognized standards referenced throughout ...
Episode 66: Network Scanning and Mapping Tools
Understanding your network begins with visibility—and that visibility is powered by scanning and mapping tools. In this episode, we introduce key network discovery too...
Episode 67: Web Application Scanning Tools
Web applications are among the most targeted assets in modern enterprises—and automated scanning tools are the first line of defense. In this episode, we take a close ...
Episode 68: Vulnerability Scanners Explained (Nessus, OpenVAS)
At the heart of vulnerability management lies automated vulnerability scanners—and few are more widely used than Nessus and OpenVAS. In this episode, we break down how...
Episode 69: Debugging Tools for Vulnerability Analysts
Not every vulnerability is easy to spot—some require stepping into the execution environment itself. This episode introduces you to common debugging tools like Immunit...
Episode 70: Multipurpose Tools for Advanced Analysts (Nmap, MSF, Recon-ng)
Some tools do it all—and analysts rely on them for everything from scanning to exploitation to open-source intelligence gathering. In this episode, we examine three po...
Episode 71: Cloud Vulnerability Assessment Tools (Scout Suite, Prowler)
The move to the cloud has redefined how organizations think about security—and how analysts perform assessments. In this episode, we explore cloud-native vulnerability...
Episode 72: Understanding CVSS and Scoring Vulnerabilities
Not all vulnerabilities are created equal—and CVSS helps quantify just how severe they are. In this episode, we provide an in-depth breakdown of the Common Vulnerabili...
Episode 73: Validating Scanner Results – Reducing False Positives and Negatives
Automated scanners are powerful—but they’re not perfect. In this episode, we explore the analyst’s role in validating scan results, filtering out false positives, and ...
Episode 74: Context-Aware Vulnerability Analysis
Sometimes the same vulnerability poses very different risks depending on the environment. This episode teaches you how to analyze vulnerabilities in context—a crucial ...
Episode 75: Weaponization and Exploitability Considerations
A vulnerability doesn’t become a threat until someone weaponizes it—and that’s when it becomes truly urgent. In this episode, we explore the concepts of exploitability...
Episode 76: Asset Value and Business Impact
Every vulnerability exists in the context of what it could damage—and that’s where asset valuation comes in. In this episode, we explore how security analysts assess t...
Episode 77: Cross-Site Scripting Vulnerabilities (XSS)
Cross-site scripting, or XSS, is one of the most common and dangerous web application vulnerabilities. In this episode, we break down the three primary types—reflected...
Episode 78: Overflow Vulnerabilities
When a program doesn’t control how much data it processes, memory can be overwritten—and attackers can take control. In this episode, we explore the mechanics and cons...
Episode 79: Data Poisoning Risks
When attackers manipulate training data or trusted inputs, they can corrupt the very systems meant to defend against them. In this episode, we explore data poisoning—a...
Episode 80: Broken Access Control Flaws
Access control determines who can do what—and when it breaks, attackers often find a clear path in. In this episode, we take a deep dive into broken access control vul...
