Skip to content ↓ | Skip to navigation ↓

Last February, a security researcher claimed he had the ability upload non-media files to YouTube, and he reported this as a major vulnerability hoping that Google would pay him for the discovery. Google, in response, said the discovery was simply a non-security bug.

What exactly is security research anyway?

Listen to episode 130 of our Security Slice podcast and hear Craig Young and Tyler Reguly discuss the difference between finding a bug and finding a vulnerability, and why security research should amount to more than a catchy headline, and why we should consider global governance might be the answer to the gray areas in security research.

Click Here to Listen to the Podcast

 

More Podcasts:

 

Resources:

picCheck out Tripwire SecureScan™, a free, cloud-based vulnerability management service  for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology.

 

picThe Executive’s Guide to the Top 20 Critical Security Controls

Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].

 

Title image courtesy of ShutterStock