Changing the Vuln Conversation from Volume to Remediation - Francesco Cipollone - ASW #350

30/09/2025 1h 14min

Listen "Changing the Vuln Conversation from Volume to Remediation - Francesco Cipollone - ASW #350"

Descargar episodio Ver en sitio original

Episode Synopsis

Dealing with vulns tends to be a discussion about prioritization. After all, there a tons of CVEs and dependencies with known vulns. It's important to figure out how to present developers with useful vuln info that doesn't overwhelm them. Francesco Cipollone shares how to redirect that discussion to focus on remediation and how to incorporate LLMs into this process without losing your focus or losing your budget. In the news, supply chain security in Ruby and Rust, protecting package repositories, refining CodeQL queries for security, refactoring and Rust, an OWASP survey, and more! Show Notes: https://securityweekly.com/asw-350

More episodes of the podcast Application Security Weekly (Video)

Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360 09/12/2025

Making TN Critical Infrastructure the Most Secure in the Nation - T. Gwyddon 'Data' ("Gwee-thin") Owen, James Cotter - ASW #359 02/12/2025

Figuring Out Where to Start with Secure Code - ASW #358 25/11/2025

Secure Coding as Critical Thinking Instead of Vulnspotting - Matias Madou - ASW #357 18/11/2025

Ransomware, Defaults, and Proactive Defenses - Rob Allen - ASW #356 11/11/2025

Researching and Remediating RCEs via GitHub Actions - Bar Kaduri, Roi Nisimi - ASW #355 04/11/2025

Quantum Computing Isn't A Threat To Blockchains - Yet - Sandy Carielli, Martha Bennett - ASW #354 28/10/2025

Reacting to Ransomware and Setting Secure Defaults - Rob Allen - ASW #353 21/10/2025

Inside the OWASP GenAI Security Project - Steve Wilson - ASW #352 14/10/2025

Finding Large Bounties with Large Language Models - Nico Waisman - ASW #351 07/10/2025

Ver todos los episodios

ZARZA We are Zarza, the prestigious firm behind major projects in information technology.

Changing the Vuln Conversation from Volume to Remediation - Francesco Cipollone - ASW #350

Listen "Changing the Vuln Conversation from Volume to Remediation - Francesco Cipollone - ASW #350"

Episode Synopsis

More episodes of the podcast Application Security Weekly (Video)

Telecommuting for employees of trust

Bandwidth: Broadband or Narrowband?

Bandwidth: Broadband or Narrowband?

Personnel recruitment via Web

Deep web or Invisible Internet

Subdomains, a glance with the experts!

Free Internet, a prediction in Nostradamus style

Educational Technology: From traditional to digital

Localhost, there’s no place like 127.0.0.1

Googling with breathtaking tricks you ignore

Gray Hat Hacking, those with ambiguous ethics…

Internet Predators on the prowl

Dot COM: The Internet’s dominant TLD