Black Hat USA 2014 – The Future of Responsible Disclosure

Date & Time: Month DD, YYYY at H:MM - H:MM
Location: Venue - Street Name and Number, City, State, Postal Code
Speaker: Bishop Fox

In the past, security researchers have followed an unwritten code that governs the ethical release of newly-discovered IT security vulnerabilities. In recent years, however, a new range of “bug bounties,” vulnerability marketplaces, and even government acquisition of critical flaws has created a broader and more lucrative set of opportunities for researchers to consider. In a world where a new vulnerability can mean big opportunities – and big bucks – for security researchers, what’s the “right” way to disclose new vulnerabilities? What are the best and most appropriate venues for disclosure? What’s the right length of time to wait for a vulnerability to be “fixed” before disclosing it in one of these venues? And should researchers seek disclosure venues and practices that are the most likely to keep users safe – or should they simply sell their discoveries to the highest bidder? In this panel session, top experts on vulnerability research and disclosure will offer a variety of views on how best to disclose a newly-discovered security flaw.

Vincent Liu will be a featured speaker at this Black Hat Sponsored Workshop - The Future of Responsible Disclosure Roundtop

Topics:Black Hat

Comments

Need a Cybersecurity Expert to Speak at Your Event?

Please get in touch with our Speaker Bureau program manager, Virginie Jenck. Please email her at contact@bishopfox.com

More...

Subscribe to Updates