In this podcast Tom Uren and Patrick Gray talk about a new report that explores how China’s vulnerability discovery and research ecosystem is linked to state sponsored espionage. This research finds that a relatively small number of people are responsible for an outsize contribution to vulnerability discovery.

They also talk about difficulties at CISA’s Joint Cyber Defence Collaborative initiative and why it should be retired.