BSidesLV 2017

Public security incidents continue to plague software companies, and each public event brings with it a loss of reputation, customer confidence, and even market cap. We’ve all read headline after headline about vulnerabilities found in products with a PR quote from the software vendor saying they will issue a software update; but what happens leading up to the public disclosure? Who is working at the software vendor ensuring customers are safe?

We will go behind the scenes of a Product Security Incident Response Team (PSIRT) including definition of a PSIRT, its responsibilities, vulnerability lifecycles, emergency response events, customer support, researcher outreach, and other PSIRT duties. The talk will provide examples of the type of reports that PSIRT teams deal with on a daily basis, including reports from traditional end users, enterprise customers, researchers, and other sources.

The value of a PSIRT will be highlighted with recommendations for how to get started if your organization is looking to build a PSIRT, and thoughts on the various struggles associated with the endeavor