Ep. 16 - The Birth of the CVE System, created by Adam Shostack

Hackers to Founders

Player FM - Internet Radio Done Right

Đã thêm cách đây hai mươi tuần

Nội dung được cung cấp bởi Chris Magistrado. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Chris Magistrado hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.

<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/techsurge-deep-tech-vc-podcast">TechSurge: Deep Tech VC Podcast</a></span>

1
TechSurge: Deep Tech VC Podcast

Hủy theo dõi

cách đây 4 ngày trướccách đây 4d ago

Hủy theo dõi

Hàng tháng+

The TechSurge: Deep Tech VC Podcast explores the frontiers of emerging tech, venture capital, and business. For entrepreneurs, investors, tech professionals, or anyone interested in where technology is headed next. Presented by Celesta Capital, and hosted by Celesta Founding Partners Nic Brathwaite, Michael Marks, and Sriram Viswanathan. Join us as we examine the next major tech cycle, uncover emerging global tech hubs, and analyze where VC investment dollars are headed. Tune in to hear directly from Silicon Valley leaders, daring new founders, and visionary thinkers. Past guests on the podcast and TechSurge Live summits include Kara Swisher, Vinod Khosla, former PepsiCo CEO Indra Nooyi, Micron CEO Sanjay Mehrotra, and others. Each discussion delves into the intersection of technology advancement, market dynamics, and the founder journey, offering insights into the vast opportunities and complex challenges ahead. Episode topics include AI, data center transformation, blockchain, cyber security, healthcare innovation, VC investment trends, tips for first-time founders, and more. New episodes release every two weeks. Visit techsurgepodcast.com for more details and to sign up for our newsletter and other content!

cách đây khoảng một năm trước 1:43:24

MP3•Trang chủ episode

Beyond his technical achievements, Adam emphasizes the significance of education, training, and mentorship in advancing cybersecurity. He explains his transition from product development to focusing on training and creating scalable educational programs, ensuring that essential security skills are widely disseminated. Adam also explores his collaboration with Cyber Green to establish cyber public health, aiming to apply public health methodologies to measure and mitigate cyber impacts effectively. Throughout the conversation, Adam underscores the importance of diversity in fostering innovative solutions and the need for adaptable strategies in an ever-evolving threat landscape. His dedication to making cybersecurity more inclusive and his visionary approach to integrating interdisciplinary techniques position him as a key thought leader committed to enhancing global security practices.

People

Adam Shostack: Renowned cybersecurity expert, co-creator of the Common Vulnerabilities and Exposures (CVE) system, author of several influential books on threat modeling and security design.
Frank Abagnale: Subject of the book "Catch Me If You Can," which influenced Adam's childhood interest in security and deception techniques.
Leonardo DiCaprio: Actor who portrayed Frank Abagnale in the movie adaptation of "Catch Me If You Can."
Mike Howard: Worked alongside Adam on the Secure Development Lifecycle team.
Steve Lipner: Collaborated with Adam on threat modeling initiatives.
Rob Kinnaki: Worked with Adam on the cyber public health project, contributing to the development of new cybersecurity disciplines.
Tara Wheeler: Partnered with Adam in establishing cyber public health methodologies.
Heidi Trust: Recommended by Adam as a notable figure intersecting usability and security.
Gene Spafford: Part of Adam's professional network, contributing to cybersecurity discourse.
Steve Belvin: Known to Adam, part of his network of cybersecurity professionals.
Bruce Schneier: Part of Adam's extensive network within the cybersecurity community.
Marcus Ranham: Known to Adam, contributing to his professional relationships.
Mudge: Met by Adam during his time at BBN, part of his influential network.
Weld Pond: Met by Adam at BBN, contributing to his professional connections.
Prerit Garg: Contributor to threat modeling methodologies.
Lance Cottrell: Influenced Adam's work on anonymized networks at Zero Knowledge Systems.
Paul Syverson: Co-inventor of onion routing. His work influenced the development of anonymized network systems like Tor and Zero Knowledge Systems.
Steve Christie: Involved in the development of the CVE system.
Dave Mann: Collaborated with Adam on creating the CVE system.
Andre Fresh: Worked with Adam on developing the CVE system.
Tony Sager: Helped secure funding for the CVE system through collaboration with MITRE.
Stephen Savage: Involved in ransomware detection research, mentioned in relation to cyber public health.

Organizations

CVE (Common Vulnerabilities and Exposures): A standardized system for identifying and categorizing cybersecurity vulnerabilities. Co-created by Adam Shostack to provide a common reference for vulnerabilities across different platforms and organizations.
Net Tech
- Startup focused on developing vulnerability scanners. Adam played a pivotal role in this successful startup, contributing to the creation of security tools.
Zero Knowledge Systems: Startup aimed at creating anonymized network solutions similar to Tor. Adam joined this company to work on privacy-focused technologies.
MITRE: Not-for-profit organization that manages various federally funded research and development centers. Collaborated with Adam to develop and support the CVE system.
Secure ID: Company that produced authentication tokens. Adam conducted security and privacy reviews of their products early in his career.
BBN (Bolt Beranek and Newman Inc.) Technology company known for its work on ARPANET and early internet infrastructure. Adam worked here and met key figures like Mudge and Weld Pond.
DEF CON: One of the world's largest and most notable hacker conventions. Adam attended DEF CON, sharing experiences and networking with other security professionals.
2600: Hacker community magazine and associated meetings. Part of the hacker culture Adam was involved with during his early career.
ShmooCon: Annual East Coast hacker convention. Adam attended and interacted with the hacker community here.
CISA (Cybersecurity and Infrastructure Security Agency): U.S. federal agency responsible for cybersecurity and infrastructure protection. Mentioned in the context of cybersecurity research and vulnerability management.

Products and Tools

CVE System (Common Vulnerabilities and Exposures): A standardized system for identifying and cataloging cybersecurity vulnerabilities. Co-created by Adam Shostack to provide a common reference across the cybersecurity industry.
Hacker Shield: Vulnerability scanner developed by Adam's company. Used by organizations to identify and remediate security vulnerabilities.
Stride: A mnemonic framework for threat modeling (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege). Developed by Prerit Garg and others to help structure threat analysis.
Tor: An anonymity network that directs internet traffic through a free, worldwide, volunteer overlay network. Influenced the development of Zero Knowledge Systems' anonymized network products.
Mixmaster: Asynchronous email router designed for anonymizing email traffic. Developed by Lance Cottrell, influencing Adam's work on privacy-focused networking.
Log4j: Java-based logging utility with significant vulnerabilities exploited in cybersecurity attacks. Discussed by Adam in the context of vulnerability management and public health approaches to cybersecurity.

18 tập

#Tech #Entrepreneur #Business #Chris Magistrado #Cybersecurity #Cyber Security #InfoSec #Information Security #Hacking #Hackers #Startup #Start #Investing #CEO #Founders