Lifetime cycles in vulnerability disclosure*

connects cybersecurity knowledge

NCSRA-III objectives:  1 , 2 , 3 , 4 , 5 
Time: 13:30 – 14:45
Room: Flash
Language: Dutch
Chaired by Chris van 't Hof, Tek Tok
* Prior knowledge required

What if you found and reported a vulnerability, but the owner of the system or vendor won’t fix it and users security is at stake? Each panelist presents a short case study, from the perspective of academics, business, government and hacker community.

Presentations and paneldiscussion:

Session in one presentation !

• Case 1. Academic Research vs. Industrial Disclosure Policies
  Prof.dr. Herbert Bos, VU University
   
• Case 2. Where to drop?
  Edwin Van Andel, CEO Zerocopter
  When taking responsibility is hard…
   
• Case 3. Dangerous toys
  Victor Gevers, co-founder GDI Foundation
   
• Case 4. Multi-party disclosure
  Dr. Jeroen van der Ham, NCSC 
  Pregenerated passwords in home routers