Very helpful post and great recommendations. You don't mention anything about identifying Zero Days. Is that because the post is primarily focused on CVEs and CVE alternatives or is it intentional?
This newsletter was primarily focused on educating readers about CVE and the overall program. You’re absolutely right — there are vulnerabilities that haven’t been publicly disclosed or resolved (zero-days). It would definitely be worth dedicating another episode to strategies for addressing zero-days in the future.
Very helpful post and great recommendations. You don't mention anything about identifying Zero Days. Is that because the post is primarily focused on CVEs and CVE alternatives or is it intentional?
This newsletter was primarily focused on educating readers about CVE and the overall program. You’re absolutely right — there are vulnerabilities that haven’t been publicly disclosed or resolved (zero-days). It would definitely be worth dedicating another episode to strategies for addressing zero-days in the future.