We Speak CVE
Episodes
The CVE Consumer Working Group (CWG)
14 Oct 2025
Contributed by Lukas
“We Speak CVE” podcast host Shannon Sabens chats with CVE Consumer Working Group (CWG) co-chairs, Jay Jacobs and Bob Lord, and CVE™ Project Lead...
Mapping the Root Causes of CVEs
05 Aug 2025
Contributed by Lukas
“We Speak CVE” podcast host Shannon Sabens chats with CVE™/CWE™ Project Lead Alec Summers and CWE Top 25 task lead/CWE Root Causes Mapping Wor...
25 Years of CVE and What’s Next
04 Feb 2025
Contributed by Lukas
Host Shannon Sabens speaks with fellow CVE Board members Kent Landfield and Madison Oliver and CVE Program Lead Alec Summers about the 25th anniversar...
CNA Onboarding Process Myths Versus Facts
01 Oct 2024
Contributed by Lukas
Shannon Sabens of CrowdStrike chats with Dave Morse, program coordination lead for the CVE Program, about the myths and facts of the CVE Numbering Aut...
Expected Impact of the CNA Rules 4.0
21 May 2024
Contributed by Lukas
Host Shannon Sabens speaks with Art Manion and Kent Landfield, all three of whom are CVE Board members and CVE Working Group (WG) chairs, about the al...
Swimming in Vulns (or, Fun with CVE Data Analysis)
29 Apr 2024
Contributed by Lukas
Host Shannon Sabens of CrowdStrike chats with Benjamin Edwards and Sander Vinberg, both of Bitsight, about analyzing vulnerability data in the CVE Lis...
Meet the 3 New CVE Board Members
09 Apr 2024
Contributed by Lukas
In this episode — recorded live at “CVE/FIRST VulnCon 2024” — CVE Board member and CVE podcast host Shannon Sabens of CrowdStrike chats with t...
CVE Records States and Tags
26 Mar 2024
Contributed by Lukas
Host Shannon Sabens speaks with Art Manion and Kent Landfield, all three of whom are CVE Board members and CVE Working Group (WG) chairs, about CVE Re...
The Council of Roots
30 Jan 2024
Contributed by Lukas
Learn how CVE Numbering Authority (CNA) partners—ranging from large to small organizations, proprietary and open-source products or projects, dispar...
How the New CVE Record Format Will Benefit Consumers
26 Sep 2023
Contributed by Lukas
Shannon Sabens of CrowdStrike and Kent Landfield of Trellix, both of whom are CVE Board members and CVE Working Group chairs, speak about how the new ...
Becoming A CNA—Myths versus Facts
21 Jun 2023
Contributed by Lukas
Host Shannon Sabens of CrowdStrike chats with Julia Turkevich of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about the myths and ...
Microsoft’s Journey Adopting CVE Services & CVE JSON 5.0
07 Mar 2023
Contributed by Lukas
Kris Britton of the CVE Program speaks with Lisa Olson of Microsoft about Microsoft’s journey adopting the new CVE Services and CVE JSON 5.0 into th...
Coordinated Vulnerability Disclosure
30 Dec 2022
Contributed by Lukas
Shannon Sabens of CrowdStrike chats with Madison Oliver of GitHub Security Lab about the recent release of OpenSSF’s “Guidance for Security Resear...
An Insider’s View of the CVE Program
27 Sep 2022
Contributed by Lukas
Shannon Sabens of CrowdStrike and Tod Beardsley of Rapid7, both of whom are CVE Board members and CVE Working Group chairs, chat about the CVE Program...
The Value of Assigning CVEs
14 Jun 2022
Contributed by Lukas
Shannon Sabens of CrowdStrike chats with Madison Oliver of GitHub Security Lab about how and why CVEs are assigned, the value of CVEs in vulnerability...
Researchers and PSIRTs Working Well Together
03 May 2022
Contributed by Lukas
Shannon Sabens of CrowdStrike and Milind Kulkarni of a NVIDIA discuss what security researchers should expect when reporting vulnerabilities to a Prod...
Enhancing CVE Records as an Authorized Data Publisher
07 Dec 2021
Contributed by Lukas
Kent Landfield of McAfee and Art Manion of CERT/CC discuss how the CVE Program’s upcoming release of JSON 5.0 will allow for additional and related ...
How Red Hat's Active Participation Helps Improve the CVE Program
20 Nov 2021
Contributed by Lukas
Shannon Sabens of CrowdStrike chats with Peter Allor, Fábio Olivé, and Martin Prpic of Red Hat, which is a long-time CVE Numbering Authority (CNA). ...
CVE Myths versus Facts
12 Oct 2021
Contributed by Lukas
Episode 9 – Three CVE Board members provide the truth and facts about the following myths about the CVE Program: Myth #1: The CVE Program is ru...
CVE Working Groups, What They Are and How They Improve CVE
02 Sep 2021
Contributed by Lukas
Our eighth episode is all about how community members actively engage in the six CVE Working Groups (WGs) to help improve quality, automation, process...
Partnering with the CVE Program
31 Mar 2021
Contributed by Lukas
Episode 3 - Shannon Sabens of CrowdStrike speaks with Jo Bazar of the CVE Program, Erin Alexander of CISA ICS, and Tomo Itou of JPCERT/CC about the st...
How MongoDB Manages Its CVEs
01 Mar 2021
Contributed by Lukas
Episode 2 - Chris Sandulow, Boris Sieklik, and Lena Smart from MongoDB discuss their internal processes for managing CVEs, the importance of CVSS scor...