Why The World Needs A Global CSIRT: Introducing CSIRT.global | A Conversation With Eward Driehuis And Lennaert Oudshoorn | Redefining CyberSecurity Podcast With Sean Martin episode artwork

EPISODE · Jul 21, 2022 · 42 MIN

Why The World Needs A Global CSIRT: Introducing CSIRT.global | A Conversation With Eward Driehuis And Lennaert Oudshoorn | Redefining CyberSecurity Podcast With Sean Martin

from Redefining CyberSecurity · host Sean Martin, ITSPmagazine, Lennaert Oudshoorn, Eward Driehuis

Vulnerabilities are discovered every day. Once found, they make their way into any number of databases that can be used to help organizations take action to put a patch in place... if one is available. But what about the case where the weakness is actively exposed or being exploited? This is where CSIRT.global comes in.Born from the work being done at the Dutch International for Vulnerability Disclosure (DIVD), a team of volunteers have decided to take things to the next level, helping organizations take action when action matters most ... when a vulnerability exists, when that vulnerability is being exploited in the wild, and when an organization is prone to (or is under) attack. That's when the email is sent from CSITR.global to the affected organization, letting them know what the team uncovered."We don't send marketing emails. We don't send emails promoting conferences. When a company gets an email from us, it really means something.” ~EwardThere's a lot going on in this process, from scanning the entire global Internet for every system exposed, identifying vulnerabilities on those systems, and mapping the proof of concept to those two results to determine whether or not an organization is vulnerable or is showing signs of having been compromised. The next piece of the puzzle is figuring out who or what is behind the IP address that was scanned and flagged. This isn't always easy given how IP addresses are assigned and looked up. The next piece of the puzzle is even harder, in that CSIRT.global needs to find a way to contact the affected entity that lives behind the IP address ... which department or person should receive the info and what is their email address? Good luck finding that in a pinch. And, to top it all off, the receiving party needs to trust that the email they received from CSIRT.gloal is both legitimate and must be taken seriously. The process is rooted in information and built on trust - which is one of the main reasons they sought and receive support from the Dutch government.It's this full circle scenario that delivers the real value provided by this group. It can scale to a global nature, but requires the help of the global community. Listen in to hear more about how this works, how to get involved, and how this non-profit organization is redefining cybersecurity.____________________________GuestsEward DriehuisFounder at 3Eyes Security and Chairman at CSIRT.globalOn LinkedIn | https://www.linkedin.com/in/ewarddriehuis/On Twitter | https://twitter.com/e3huisLennaert OudshoornCSIRT Coordinator And Webmaster at Dutch Institute for Vulnerability Disclosure (DIVD) [@DIVDnl]On Twitter | https://twitter.com/lennaert89On LinkedIn | https://www.linkedin.com/in/lennaertoudshoorn/____________________________This Episode’s SponsorsAsgardeo by WSO2: https://itspm.ag/asgardeo-by-wso2-u8vcHITRUST: https://itspm.ag/itsphitweb____________________________ResourcesCSIRT.global: https://csirt.global/ & https://www.divd.nl/DIVD: https://www.divd.nl/ and on LinkedIn: https://www.linkedin.com/company/divd-nl/May Contain Hackers (MCH2022) Hacker Conference: https://mch2022.org/#/____________________________To see and hear more Redefining Security content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurityAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/podcast-series-sponsorships Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Vulnerabilities are discovered every day. Once found, they make their way into any number of databases that can be used to help organizations take action to put a patch in place... if one is available. But what about the case where the weakness is actively exposed or being exploited?

NOW PLAYING

Why The World Needs A Global CSIRT: Introducing CSIRT.global | A Conversation With Eward Driehuis And Lennaert Oudshoorn | Redefining CyberSecurity Podcast With Sean Martin

0:00 42:01

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Darknet Discussions Darknet Discussions Welcome to "Darknet Discussions," the podcast that gets into the shadows of the internet to bring you the most intriguing, enlightening, and sometimes unsettling stories from the dark web. Hosted by seasoned darknet aficionados, each episode of "Darknet Discussions" explores the intricate dynamics of darknet markets, cybersecurity threats, and the digital underworld. Join us as we interview experts, discuss the latest trends in cybercrime, and shed light on the technologies that operate beneath the surface of everyday internet use. Also, we occasionally go off on a tangent about something completely unrelated. IT Trendsetters SynerComm During each episode, our team is joined by a relevant industry expert to gain insight into new IT trends and learn about important IT and cybersecurity concepts. Our goal is to give you the advice your need to safeguard your network and digital assets. The AI-Powered Lawyer River Braun Welcome to The AI-Powered Lawyer, where host River Braun takes you on a journey into the heart of the AI revolution in law. This isn't about traditional legal practice; it's about exploring cutting-edge technology that's transforming the way we work. Each episode dives into the tools, trends, and techniques redefining what it means to be a lawyer in the age of AI. Subscribe and join us as we redefine law...together! IT Jobs's Podcast IT Jobs Two Cisco CCIEs discussing topics related to getting and IT Job or hiring for an IT Job. Focus on both Network Engineering, Cloud, Development, and CyberSecurity and as much reality as can be brought.

Frequently Asked Questions

How long is this episode of Redefining CyberSecurity?

This episode is 42 minutes long.

When was this Redefining CyberSecurity episode published?

This episode was published on July 21, 2022.

What is this episode about?

Vulnerabilities are discovered every day. Once found, they make their way into any number of databases that can be used to help organizations take action to put a patch in place... if one is available. But what about the case where the weakness is...

Can I download this Redefining CyberSecurity episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!