Sign in to confirm you’re not a bot
This helps protect our community. Learn more

Calculating Risk in the Era of Obscurity: Reading Between the Lines of Security Advisories

Black Hat
237K subscribers
<__slot-el>
<__slot-el>
787 views 2 years ago
...This talk provides examples of systemic problems with security patches and how those problems negatively impact enterprise security. We propose methods to incentivize vendors to improve their servicing habits, including alternative disclosure timelines for failed patches. We encourage others disclosing vulnerabilities to adopt similar timelines and for customers to prioritize purchasing based on how vendors impact their risk through servicing. By: Dustin Childs , Brian Gorenc Full Abstract & Presentation Materials: https://www.blackhat.com/us-22/briefi... ...more
...more
Comments are turned off. Learn more
Calculating Risk in the Era of Obscurity: Reading Between the Lines of Security Advisories
14Likes
787Views
2022Nov 17
...This talk provides examples of systemic problems with security patches and how those problems negatively impact enterprise security. We propose methods to incentivize vendors to improve their servicing habits, including alternative disclosure timelines for failed patches. We encourage others disclosing vulnerabilities to adopt similar timelines and for customers to prioritize purchasing based on how vendors impact their risk through servicing. By: Dustin Childs , Brian Gorenc Full Abstract & Presentation Materials: https://www.blackhat.com/us-22/briefi...

Follow along using the transcript.

Black Hat

237K subscribers