Explore a critical analysis of the global software industry's reliance on Chinese vulnerability disclosures in this 19-minute Black Hat conference talk. Delve into the impact of China's 2021 law requiring vulnerability reporting to the MIIT alongside affected vendors. Examine quantitative data on the changing proportion of Chinese-based vulnerability disclosures for major proprietary and open-source software products. Gain insights into the increasingly challenging environment for Chinese security researchers and its potential consequences for international cybersecurity. Learn from speakers Yumi Gambrill, Trey Herr, Frances Nettles, and Stewart Scott as they present their findings on this crucial topic affecting the global software ecosystem.
Overview
Syllabus
(Long) Dragon Tails – Measuring Dependence on International Vulnerability Research
Taught by
Black Hat