Moshe Zioni of Apiiro talks about threat research and how to properly report discovered code vulnerabilities. We discuss the ways that vulnerabilities can find their way into code despite your best intentions, the difference between full disclosure and responsible disclosure, and being in the last generation to still grow up before the internet changed everything.
\u2013 Free cybersecurity training resources: https://www.infosecinstitute.com/free
\u2013 View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
0:00 - Cybersecurity threat research\xa0
2:21 - Getting interested in computers
3:25 - Penetration testing and threat research\xa0
6:15 - Code vulnerabilities\xa0
10:58 - Research process for vulnerabilities\xa0
17:05 - Proper reporting of threats
23:11 - Full disclosure vs proper disclosure
25:53 - Current security threats
30:20 - Day-to-day work of security researchers\xa0
32:02 - Tips for working in pentesting\xa0
35:32 - What is Apiiro?
39:11 - Learn more about Moshe Zioni\xa0
39:42 - Outro
About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It\u2019s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.