16 Apr 2026

Podcast

Vulnerability management is often treated as a simple patch-and-move-on exercise, but as Peter Gigengack explains, that mindset only scratches the surface. This episode explores the reality of managing risk in modern environments, where unknown vulnerabilities, human error, and expanding attack surfaces make security feel like steering through an iceberg field with limited visibility.

Drawing on real-world experience, Peter unpacks why patching alone isn’t enough, how factors like misconfigurations and supply chain complexity create hidden risks, and why traditional tools like CVSS scores don’t always tell the full story. He also explores the growing impact of AI on software development, the challenge of prioritising amid an overwhelming volume of vulnerabilities, and the importance of adopting an attacker mindset.

This episode was hosted by Bek Cheb.

The AUSCERT podcast can also be found on Spotify, Apple Podcasts, and YouTube.