Vulnerability Management in Software: Before Patch Tuesday


Register Now

Thursday, July 16, 2015
11:00 HRS PT/14:00 HRS ET
60 minutes, including Q&A



Brought to you by:

Vulnerability Management in Software: Before Patch Tuesday - by Kymberlee Price
Vulnerability Risk Management 2.0 - by NopSec

The Secure Development Lifecycle (SDL) does not end when a product releases. Implementing SDL practices during design and development will improve your software quality but will never make it perfect; vulnerabilities will continue to be identified in your code or in the third party libraries that ship in your product. How you handle those vulnerabilities is crucial to the security of your customers (and can keep your company from ending up on the news for the latest 0-day). Learn about current vulnerability trends, practices and tools that can help developers, security response teams, and network administrators understand and effectively mitigate risk in their environments, and how to measure and report on vulnerability management KPIs to leadership, all without requiring a data science degree.

Presenter:

Kymberlee PriceKymberlee Price

Kymberlee Price, BugCrowd, has over 12 years experience in the information security industry. Kymberlee pioneered the first security researcher outreach program in the software industry. Price later was a principal investigator in the Zotob criminal investigation, and analyzed APT's at Microsoft. She then spent 4 years investigating product vulnerabilities in BlackBerry's Security Response Team followed by an offensive security role as the Director of the Synack Red Team. Today she is responsible for directing the efforts of Bugcrowd's global team of more than 16,000 security researchers, optimizing vulnerability reporting performance for customers and researchers, and aiding 'the Crowd' with ongoing skill development and overall success in Bugcrowd programs.


Sponsor Presenter:

Steve GarrettSteve Garrett

Steve Garrett is Director of Product Management at NopSec where he brings nearly 20 years experience overseeing product roadmap development, technology implementations, and Total Customer Experience programs across the information security industry. Prior to NopSec, Steve led product management for RSA's SIEM, Network Forensics, and Incident Detection technologies. He holds a B.S. from the University of Texas.

UpcomingEvents

  • Black Hat USA 2017
    July 22-27, 2017
  • Black Hat Europe 2017
    December 4-7, 2017
  • Black Hat Asia 2018
    March 20-23, 2018

ShowCoverage

StayConnected

Fill out the form below to stay up to date on the latest Black Hat info, newsletters and intel.

Email*
First Name
Last Name
Subscription Group

Sustaining Partners