Patching, Evil AI, Supply Chain Breaches - BTS #64 episode artwork

EPISODE · Nov 24, 2025 · 1H 8M

Patching, Evil AI, Supply Chain Breaches - BTS #64

from Below the Surface (Audio) - The Supply Chain Security Podcast · host Paul Asadooorian

Summary In this episode, the hosts discuss various cybersecurity topics, including recent vulnerabilities in Fortinet products, the implications of supply chain breaches, the evolving role of AI in cybersecurity, and updates to the OWASP Top 10 list. They emphasize the importance of firmware security and the need for better visibility and standards in the industry. The conversation highlights the challenges faced by defenders in a rapidly changing threat landscape and the necessity for proactive measures to secure systems. Takeaways Fortinet vulnerabilities are critical and require immediate attention. Silent patches can lead to significant security risks. AI is being used by both attackers and defenders in cybersecurity. The OWASP Top 10 has been updated to include software supply chain failures. Firmware security is often overlooked but is essential for device safety. Supply chain breaches can have far-reaching implications for organizations. Visibility into firmware and device security is lacking in the industry. Standards for software security are necessary to protect against vulnerabilities. Defenders need better tools to combat evolving threats. The cybersecurity landscape is becoming increasingly complex and interconnected. Chapters 00:00 Introduction and Technical Setup 03:08 Fortinet Vulnerabilities and Exploits 06:05 Public Exploits and Path Traversal Vulnerabilities 09:00 Chaining Vulnerabilities and Risk Assessment 11:50 Authentication and Vulnerability Scoring 15:04 Operational Complexity in Patch Management 17:55 Silent Patches and Their Implications 20:58 Challenges with Network Device Security 24:55 Cyber Insurance and Vulnerability Trends 27:58 The Impact of Silent Patches 30:46 End of Life Devices and Legacy Systems 34:58 Supply Chain Security and Source Code Theft 39:44 AI in Cybersecurity: Opportunities and Threats 47:17 Navigating AI's Guardrails and Malicious Use Cases 49:24 The Dilemma of AI and Harmful Intentions 52:44 The Need for Researcher Access to AI Tools 58:36 OWASP Top 10 Updates and Supply Chain Security 01:05:12 The Challenges of Firmware and Device Security

NOW PLAYING

Patching, Evil AI, Supply Chain Breaches - BTS #64

0:00 1:08:03

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Below the Surface (Audio) - The Supply Chain Security Podcast?

This episode is 1 hour and 8 minutes long.

When was this Below the Surface (Audio) - The Supply Chain Security Podcast episode published?

This episode was published on November 24, 2025.

What is this episode about?

Summary In this episode, the hosts discuss various cybersecurity topics, including recent vulnerabilities in Fortinet products, the implications of supply chain breaches, the evolving role of AI in cybersecurity, and updates to the OWASP Top 10...

Can I download this Below the Surface (Audio) - The Supply Chain Security Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!