The Role of Empathy in Vulnerability Disclosure Practices for Software Vendors - 2017

LASCON via YouTube

Overview

Explore the critical role of empathy in vulnerability disclosure practices for software vendors in this 46-minute LASCON conference talk. Delve into the complexities of security advisories beyond standard templates and process maps, examining how decisions around information sharing, audience understanding, and customer support reflect team values. Learn from a real-world product security advisory case study, including cross-functional team collaboration and decision-making processes. Gain insights into successful practices, lessons learned, and recommendations for future security advisories and response strategies. Discover how empathy can preserve trust and enhance vulnerability disclosure processes, even though it is not explicitly mentioned in the ISO 29147 standard.

Syllabus

Intro
Certifications
Good Standards
Product Security Advisory
Self-Service Portal
Timeline
Customer Report
Vulnerability triage
Pizza
Patching
Interim release
User personas
Gary's needs
No evidence
False positives
Customer remediation
Testing qualification
Vulnerability disclosure playbook
Internal communications
Timing
Customer feedback
The right amount of time and effort
Summary
Conclusion
Questions

Taught by

LASCON
