Explore systemic issues with security patches and their impact on enterprise security in this 40-minute Black Hat conference talk. Learn about proposed methods to incentivize vendors to enhance their servicing practices, including alternative disclosure timelines for failed patches. Gain insights on how to interpret security advisories effectively and understand the importance of prioritizing purchases based on vendors' impact on risk through servicing. Presented by Dustin Childs and Brian Gorenc, this talk encourages security professionals to adopt similar disclosure timelines and empowers customers to make informed decisions in the era of obscurity.
Calculating Risk in the Era of Obscurity - Reading Between the Lines of Security Advisories
Overview
Syllabus
Calculating Risk in the Era of Obscurity: Reading Between the Lines of Security Advisories
Taught by
Black Hat
Related Courses
-
Vendors' Response to Security Problems Without Pressure to Go Public
-
How to Stay Up-To-Date On Security Patches
-
Reading Between the Lines - An Extensive Evaluation of the Security and Privacy Implications of EPUB Reading Systems
-
Stranger Danger - What Is The Risk From 3rd Party Libraries
-
Fad or Future - Getting Past the Bug Bounty Hype
-
Breaking Through Another Side - Bypassing Firmware Security Boundaries from Embedded Controller
