We Speak CVE
A free podcast about cybersecurity, vulnerability management, and the CVE Program.
Episodes
22 episodes
CVE Record Disputes Explained
In this episode of the “We Speak CVE” podcast, MITRE’s CVE and CWE Project Lead Alec Summers chat...
The CVE Consumer Working Group (CWG)
“We Speak CVE” podcast host Shannon Sabens chats with CVE Consumer Working Group (CWG) co-chairs, Jay Jacobs and Bob Lord, and
Mapping the Root Causes of CVEs
“We Speak CVE” podcast host Shannon Sabens chats with CVE™/CWE™ Project Lead Alec Summers and
25 Years of CVE and What’s Next
Host Shannon Sabens speaks with fellow CVE Board members Kent Landfield and Madison Oliver and CVE Program Lead Alec Summers about the
CNA Onboarding Process Myths Versus Facts
Shannon Sabens of CrowdStrike chats with Dave Morse, program coordination lead for the CVE Program, about the myths and facts of the
Expected Impact of the CNA Rules 4.0
Host Shannon Sabens speaks with Art Manion and Kent Landfield, all three of whom are CVE Board members and CVE Working Group (WG) chairs, about the all-new “CVE® Numbering Aut...
Swimming in Vulns (or, Fun with CVE Data Analysis)
Host Shannon Sabens of CrowdStrike chats with Benjamin Edwards and Sander Vinberg, both of Bitsight, about analyzing vulnerability data in the
Meet the 3 New CVE Board Members
In this episode — recorded live at “CVE/FIRST VulnCon 2024” — CVE Board member and CVE podcast host Shannon Sa...
CVE Records States and Tags
Host Shannon Sabens speaks with Art Manion and Kent Landfield, all three of whom are CVE Board members and CVE Working G...
The Council of Roots
Learn how CVE Numbering Authority (CNA) partners—ranging from large to small organizations, proprietary and open-source products or projects, disparate business sectors, and different g...
How the New CVE Record Format Will Benefit Consumers
Shannon Sabens of CrowdStrike and Kent Landfield of Trellix, both of whom are CVE Board members and
Becoming A CNA—Myths versus Facts
Host Shannon Sabens of CrowdStrike chats with Julia Turkevich of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about th...
Microsoft’s Journey Adopting CVE Services & CVE JSON 5.0
Kris Britton of the CVE Program speaks with Lisa Olson of Microsoft about Microsoft’s journey adopting the new
Coordinated Vulnerability Disclosure
Shannon Sabens of CrowdStrike chats with Madison Oliver of GitHub Security Lab about the recent release of OpenSSF’s “
An Insider’s View of the CVE Program
Shannon Sabens of CrowdStrike and Tod Beardsley of Rapid7, both of whom are CVE Board<...
The Value of Assigning CVEs
Shannon Sabens of CrowdStrike chats with Madison Oliver of GitHub Security Lab about how and why CVEs are assigned, the value of CVEs in vuln...
Researchers and PSIRTs Working Well Together
Shannon Sabens of CrowdStrike and Milind Kulkarni of a NVIDIA discuss what security researchers should expect when reporting vulnerabilities to a Product Security ...
Enhancing CVE Records as an Authorized Data Publisher
Kent Landfield of McAfee and Art Manion of CERT/CC discuss how the CVE Program’s upcoming release of
How Red Hat's Active Participation Helps Improve the CVE Program
Shannon Sabens of CrowdStrike chats with Peter Allor, Fábio Olivé, and Martin Prpic of Red Hat, which is a long-time CVE Numbering Authority (CNA). The benefits of actively participating as a member of the CVE community are discussed, especiall...
CVE Myths versus Facts
Episode 9 – Three CVE Board members provide the truth and facts about the following myths about the CVE Program: Myth #1: The CVE Program is run entirely by the MITRE Corporation Myth #2: The CVE Program is con...