Join Us 11-07-25 for “Hacking Remediation” – Super Cyber Friday

By
Rich Stroffolino
-

Please join us on Friday November 7, 2025 for Super Cyber Friday.

Our topic of discussion will be “Hacking Remediation: An hour of critical thinking about how to take alerts from found to fixed.”

REGISTER for 11-7-25 Super Cyber Friday

Joining David Spark (@dspark), producer of CISO Series for this discussion will be:

  • Matt Brown, solutions architect, Endor Labs
  • Joe Harrington, senior security engineer, Principal Financial Group

Got feedback? Join the conversation on LinkedIn.

In preparation for our discussion, think about the following:

  • What’s the real difference between an alert that requires immediate action versus one that’s just adding to the noise? How do you make that call?
  • How do you build credibility with engineering teams when you need them to drop everything for a critical fix?
  • What’s the most effective way you’ve seen to translate security alerts into developer language that actually drives action rather than resentment?
  • How do you balance the engineering reality that “every patch could break something” with the security imperative that “vulnerabilities must be fixed”?
  • How should security teams prioritize remediation when software composition analysis reveals hundreds of vulnerable dependencies? What’s your framework?
  • What role does understanding the blast radius—what will actually break if we upgrade—play in getting engineering buy-in for remediation?
  • How is AI changing the remediation calculus? Are we entering an era where fixing vulnerabilities is faster than discovering them, or is that optimistic thinking?
  • What happens when the CEO walks in with news about the latest npm hack or supply chain attack? How do you avoid over-indexing on media coverage while still addressing real risks?
  • What’s the most effective developer experience you’ve seen for handling security alerts? How do you make remediation not suck for engineers?
  • How do you measure success in remediation? Is it time-to-fix, percentage of alerts addressed, or something else entirely?
  • What’s one change you’d encourage other security leaders to make in how they approach remediation with their engineering teams?

Huge thanks to our sponsor, Endor Labs

It all starts at 1 PM Eastern/10 AM Pacific. At the end of the hour [2 PM Eastern/11 AM Pacific] we’ll switch gears to our meetup where everyone will get a chance to chat face to face.

ALSO…

  • We play games during the show, and some players can win prizes! Players in the US can receive prizes as gifts; those outside the US can win gift cards. 

Super Cyber Fridays are open discussions where all viewers and listeners are welcome to become participants. Before the scheduled event, connect your webcam and microphone (avoid Bluetooth). During the discussion, if you have a question or comment, let it be known in the chat room and our producer will do his best to get as many of you into the conversation. We look forward to you joining us.

Rich Stroffolino
Rich Stroffolino
Rich Stroffolino is a podcaster, editor, and writer based out of Cleveland, Ohio. Since 2015, he's worked in technology news podcasting and media. He dreams of someday writing the oral history of Transmeta.