Handling a NewVuln: Log4Shell

Show Notes

In our second podcast covering the Paranoids’ approach to remediating the Log4Shell vulnerability, Steven Asifo talks to Sadiah Choudhry and Lisa Hulen — who work inside Yahoo’s Vulnerability Management team responsible for handling newly disclosed security vulnerabilities. 

They discuss: 

• The Elements of Vulnerability Management (2:46)
• Defining a NewVuln (4:40)
• What’s an S-Bug?! (12:15)
• Responding to an Unprecedented Event (15:31)
• A Companywide Culture of Collaboration (19:03)
• Big Takeaways (26:28)

Host: Steven Asifo (Technical Security Manager, Governance, Risk, and Compliance)

Guests:  Sadiah Choudhry (Technical Security Manager, Vulnerability and Control Operations Team) and Lisa Hulen (Vulnerability Management Lead)

Chapters

• 3:05: The Elements of Vulnerability Management
• 4:59: Defining a NewVuln
• 12:34: What’s an S-Bug?!
• 15:50: Responding to an Unprecedented Event
• 19:22: A Companywide Culture of Collaboration
• 26:47: Big Takeaways