Preview Mode Links will not work in preview mode

Defense in Depth

Mar 31, 2022

All links and images for this episode can be found on CISO Series

What if you didn't spend all your time patching vulnerabilities but instead created a security policy that prevented known vulnerabilities from being exploited. How doable is this solution of virtual patching?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our guest is Ody Lupescu, CISO, Ethos Life.

Thanks to our podcast sponsor, Araali Networks

Araali Networks

Managing vulnerabilities at the speed and scale of the cloud is challenging, especially when the implications of a single mistake gives attackers an asymmetric advantage over defenders. Araali allows your security teams to resilient patch and monitor the most valuable apps and services so they cannot be exploited even if they are vulnerable.  To learn more, visit araali.

In this episode:

  • What is virtual patching really? Is it a misnomer?
  • What gets missed when it comes to virtual patching?
  • Looking at a comprehensive approach to virtual patching.