Send us a text In this no-punches-pulled return from hiatus, Ken and Mike dig deep into the messy middle of vulnerability management, SLA fatigue, and the illusion of compliance. Are we building secure systems or just passing audits? From legacy cruft to exploitable CVEs, this episode unpacks the real-world pressures of SOC 2, the auditor dance, and whether fixing every “critical” is even feasible. Perfect for practitioners trying to balance the checkbox culture with actual risk reduction, t...

Relating to DevSecOps

Ken Toler and Mike McCabe

Episode #080: Patch Me If You Can: Compliance, SLAs, and Other Fairytales

AUG 25, 202534 MIN
Relating to DevSecOps

Episode #080: Patch Me If You Can: Compliance, SLAs, and Other Fairytales

AUG 25, 202534 MIN

Description

Send us a text

In this no-punches-pulled return from hiatus, Ken and Mike dig deep into the messy middle of vulnerability management, SLA fatigue, and the illusion of compliance. Are we building secure systems or just passing audits? From legacy cruft to exploitable CVEs, this episode unpacks the real-world pressures of SOC 2, the auditor dance, and whether fixing every “critical” is even feasible.

Perfect for practitioners trying to balance the checkbox culture with actual risk reduction, this one’s got stories, strategies, and spicy takes. Bonus: tips on managing auditors without losing your mind—or your security posture.