In this episode, Jacob speaks with cybersecurity researcher Patrick Garrity!

Patrick Garrity is a seasoned security researcher at VulnCheck where he focuses on vulnerabilities, vulnerability exploitation and threat actors.

In this episode they discuss the importance of integrating threat intelligence into vulnerability management using the Exploit Prediction Scoring System (EPSS), CISA Known Exploited Vulnerabilities Catalog, and the changes in CVSS 4.0!

Here are some highlights from the episode:

• How Exploit Prediction Scoring System (EPSS) can predict exploitation
• How vulnerability scanners integrate EPSS
• CISA's Known Exploited Vulnerabilities (KEV) Catalog
• The national security implications of vulnerability management

Follow Patrick on LinkedIn: https://www.linkedin.com/in/patrickmgarrity/

VulnCheck Website: https://vulncheck.com/

Thanks to our sponsor Keeper Security!

Need a FedRAMP authorized Password Manager? See how Keeper can help you comply with CMMC: https://www.keepersecurity.com/cmmc/?utm_source=grcacademy&utm_medium=display&utm_campaign=cmmc_video

Start a free 14-day trial of Keeper: https://grcacademy.io/ref/keeper/b2b-trial/

-----------

Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!

Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e22&utm_campaign=courses