Tales from the PSIRT: 10 Years of Bugs, Vulnerabilities and CVEs


Posted on in Presentations

The Product Security Incident Response Team (PSIRT) is a critical part of keeping your IT infrastructure secure, by finding, fixing and reporting product vulnerabilities. But how do they function, and what do they see? We’ll go beyond the lawyer-approved response policies and SLAs and see how a mid-sized IT product company goes from vulnerability discovery to CVE number.

Learning Objectives:
1: Gain insight into the different maturity levels of vendor PSIRTs.
2: Understand how product vulnerability management affects supply chain security.
3: Improve your risk management by engaging more effectively with vendor PSIRTs.

Pre-Requisites:
Past experience with reviewing product vulnerability advisories would be helpful to understand context. Programming background in C, PHP and/or Python would help the examples make more sense.

Participants
Jon Green

VP and Chief Security Technologist, Aruba Networks / HPE

Protecting Data & Applied Crypto Application Security & DevOps

supply chain risk vulnerability assessment patch management application security


Topic

Subtopic


Share With Your Community