The Product Security Incident Response Team (PSIRT) is a critical part of keeping your IT infrastructure secure: it finds, fixes and reports product vulnerabilities. But how does a PSIRT function, and what does it see? We’ll go beyond the lawyer-approved response policies and SLAs and see how a mid-sized IT product company goes from vulnerability discovery to CVE number.

Learning Objectives:
1: Gain insight into the different maturity levels of vendor PSIRTs.
2: Understand how product vulnerability management affects supply chain security.
3: Improve your risk management by engaging more effectively with vendor PSIRTs.

Pre-Requisites:
Past experience reviewing product vulnerability advisories would help with understanding the context. A programming background in C, PHP and/or Python would help the examples make more sense.