EPISODE · Jun 6, 2022 · 40 MIN
Lindsey Polley on the Vulnerabilities Equities Process
from The Lawfare Podcast
The business of offensive cyber operations and intelligence gathering increasingly requires the military and intelligence community to exploit networks, hardware, and software owned or produced by American companies and used by American citizens. Sometimes this exploitation occurs with the use of zero-day vulnerabilities. In order to determine when zero-day vulnerabilities should be exploited versus disclosed to the relevant vendor so that the vulnerability can be patched, the United States government engages in an interagency process known as the Vulnerabilities Equities Process or VEP.Stephanie Pell sat down with Dr. Lindsey Polley, director of defense and national security at Starburst Aerospace, to talk about her recently defended dissertation, “To Disclose or Not to Disclose, That Is the Question: A Methods-Based Approach for Examining & Improving the US Government's Vulnerabilities Equities Process.” They discussed the purpose of the VEP, how it is structured to operate, and how its current state and structure impedes its ability to promote longer-term social good through its vulnerability adjudications. They also talked about some of Lindsey's recommendations to improve the VEP. Support this show http://supporter.acast.com/lawfare. Hosted on Acast. See acast.com/privacy for more information.
What this episode covers
The business of offensive cyber operations and intelligence gathering increasingly requires the military and intelligence community to exploit networks, hardware, and software owned or produced by American companies and used by American citizens. Sometimes this exploitation occurs with the use of zero-day vulnerabilities. In order to determine when zero-day vulnerabilities should be exploited versus disclosed to the relevant vendor so that the vulnerability can be patched, the United States government engages in an interagency process known as the Vulnerabilities Equities Process or VEP.Stephanie Pell sat down with Dr. Lindsey Polley, director of defense and national security at Starburst Aerospace, to talk about her recently defended dissertation, “To Disclose or Not to Disclose, That Is the Question: A Methods-Based Approach for Examining & Improving the US Government's Vulnerabilities Equities Process.” They discussed the purpose of the VEP, how it is structured to operate, and how its current state and structure impedes its ability to promote longer-term social good through its vulnerability adjudications. They also talked about some of Lindsey's recommendations to improve the VEP. Support this show http://supporter.acast.com/lawfare. Hosted on Acast. See acast.com/privacy for more information.
NOW PLAYING
Lindsey Polley on the Vulnerabilities Equities Process
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m