Press "Enter" to skip to content

Vulnerability Disclosure Programs: What MSPs need to know with Jason Slagle

A conversation with Jason Slagle, VP of Operations at an MSP and a security researcher. What is a Bug Bounty program, why do MSPs care, and what should you know about some of the top vendors in the space?

00:00 Intro, Who is Jason?
01:14 What is a vulnerability disclosure program?
02:05 why should an IT services company care about one?
02:56 What are you looking for in a vulnerability disclosure program?
04:31 The start of this was a Washington Post article that covers how Apple takes submissions, but often doesn’t do anything with them.    What’s your take on their approach?
05:31 How about Microsoft?
06:22 Datto?
07:11 ConnectWise?
09:25 Kaseya?
10:24 N-Able?
10:45 What information should be published?
11:21 How does size or criteria for the vendor connect to expectations?
13:01 The new CISA guidance for MSP’s customers – what’s your take on that guidance?
14:02 What should companies in this space do to take action?  

Washington Post Article: https://www.washingtonpost.com/technology/2021/09/09/apple-bug-bounty/

Want to get the show on your podcast app, or get the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/

Support the show on Patreon: https://patreon.com/mspradio/

Want our stuff? Cool Merch? Wear “Why Do We Care?” – Visit https://mspradio.myspreadshop.com

Follow us on:
Facebook: https://www.facebook.com/mspradionews/
Twitter: https://twitter.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
LinkedIn: https://www.linkedin.com/company/28908079/

Subscribe and click the notification bell to get all the latest videos.