We Speak CVE
A free podcast about cybersecurity, vulnerability management, and the CVE Program.
Episodes
19 episodes since 2020
Expected Impact of the CNA Rules 4.0
Host Shannon Sabens speaks with Art Manion and Kent Landfield, all three of whom are CVE Board members and CVE Working Group (WG) chairs, about the all-new “CVE® Numbering Aut...
May 21, 2024
•
Episode 25
•
37:40
Swimming in Vulns (or, Fun with CVE Data Analysis)
Host Shannon Sabens of CrowdStrike chats with Benjamin Edwards and Sander Vinberg, both of Bitsight, about analyzing vulnerability data in the
April 29, 2024
•
Episode 24
•
43:32
Meet the 3 New CVE Board Members
In this episode — recorded live at “CVE/FIRST VulnCon 2024” — CVE Board member and CVE podcast host Shannon Sa...
April 09, 2024
•
Episode 23
•
25:49
CVE Records States and Tags
Host Shannon Sabens speaks with Art Manion and Kent Landfield, all three of whom are CVE Board members and CVE Working G...
March 26, 2024
•
Episode 22
•
33:31
The Council of Roots
Learn how CVE Numbering Authority (CNA) partners—ranging from large to small organizations, proprietary and open-source products or projects, disparate business sectors, and different g...
January 30, 2024
•
Episode 21
•
48:09
How the New CVE Record Format Will Benefit Consumers
Shannon Sabens of CrowdStrike and Kent Landfield of Trellix, both of whom are CVE Board members and
September 26, 2023
•
Episode 20
•
25:41
Becoming A CNA—Myths versus Facts
Host Shannon Sabens of CrowdStrike chats with Julia Turkevich of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about th...
June 21, 2023
•
Episode 19
•
22:25
Microsoft’s Journey Adopting CVE Services & CVE JSON 5.0
Kris Britton of the CVE Program speaks with Lisa Olson of Microsoft about Microsoft’s journey adopting the new
March 07, 2023
•
Episode 18
•
30:08
Coordinated Vulnerability Disclosure
Shannon Sabens of CrowdStrike chats with Madison Oliver of GitHub Security Lab about the recent release of OpenSSF’s “
December 30, 2022
•
Episode 17
•
23:07
An Insider’s View of the CVE Program
Shannon Sabens of CrowdStrike and Tod Beardsley of Rapid7, both of whom are CVE Board<...
September 27, 2022
•
Episode 15
•
23:27
The Value of Assigning CVEs
Shannon Sabens of CrowdStrike chats with Madison Oliver of GitHub Security Lab about how and why CVEs are assigned, the value of CVEs in vuln...
June 14, 2022
•
Episode 14
•
19:11
Researchers and PSIRTs Working Well Together
Shannon Sabens of CrowdStrike and Milind Kulkarni of a NVIDIA discuss what security researchers should expect when reporting vulnerabilities to a Product Security ...
May 03, 2022
•
Episode 13
•
26:22
Enhancing CVE Records as an Authorized Data Publisher
Kent Landfield of McAfee and Art Manion of CERT/CC discuss how the CVE Program’s upcoming release of
December 07, 2021
•
Episode 11
•
27:45
How Red Hat's Active Participation Helps Improve the CVE Program
Shannon Sabens of CrowdStrike chats with Peter Allor, Fábio Olivé, and Martin Prpic of Red Hat, which is a long-time CVE Numbering Authority (CNA). The benefits of actively participating as a member of the CVE community are discussed, especiall...
November 19, 2021
•
Episode 10
•
24:06
CVE Myths versus Facts
Episode 9 – Three CVE Board members provide the truth and facts about the following myths about the CVE Program: Myth #1: The CVE Program is run entirely by the MITRE Corporation Myth #2: The CVE Program is con...
October 11, 2021
•
Episode 9
•
27:37
CVE Working Groups, What They Are and How They Improve CVE
Our eighth episode is all about how community members actively engage in the six CVE Working Groups (WGs) to help improve quality, automation, processes, and other aspects of the CVE Progr...
September 02, 2021
•
Episode 8
•
26:32
Interview with Larry Cashdollar - A Researcher's Perspective
Episode 4 – Kelly Todd of the CVE Program interviews security researcher Larry Cashdollar about how he got started researching vulnerabilities and his experiences over the years, how he became the CVE Program’s first-ever independent vulnerabil...
April 26, 2021
•
Episode 4
•
20:40
Partnering with the CVE Program
Episode 3 - Shannon Sabens of CrowdStrike speaks with Jo Bazar of the CVE Program, Erin Alexander of CISA ICS, and Tomo Itou of JPCERT/CC about the structure and objectives of the CVE Numbering Authority (CNA) program, what it means to be a Roo...
March 31, 2021
•
Episode 3
•
18:48