The Adversarial Podcast Ep. 7 - Security Certs, Vulnerability Disclosure, and Effective Security Controls

Listen as CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss the value of security exams and question the relevance of certain certifications in today’s industry. Then, they debate into the vulnerability disclosure process, exploring how CVEs impact companies outside the SaaS world and whether CISA’s "Secure by Design" initiative is truly effective across industries. Finally, they discuss security misprioritization, from school systems to corporate desktops, and the evolving role of account management in protecting digital crown jewels.StoriesLinkedIn Post on ISC2 exams - https://www.linkedin.com/posts/mlockhart_hate-to-see-how-isc2-has-devolved-over-the-activity-7234368996647604225-tKVp“Is the vulnerability disclosure process glitched? How CISOs are being left in the dark” - https://www.csoonline.com/article/3491353/is-the-vulnerability-disclosure-process-a-glitch-in-itself-how-cisos-are-being-left-in-the-dark.htmlLinkedIn Post on Chrome DevTools blocked in schools - https://www.linkedin.com/posts/perullo_im-lucky-enough-to-have-my-6th-grade-daughter-activity-7237092980996632577-5T6200:00 Intro01:00 ISC2 Exams20:39 VDP and Secure by Design35:29 Security controls49:06 Admin accounts