December 2016 Education Session
Presented by Vancouver Security SIG, (ISC)² Vancouver Chapter, and ISSA Vancouver Chapter
Friday December 9th from 2:00 PM to 4:00 PM (PST)
Survive the Trenches of Zero-Day Exploits - by Vic Chung (SAP Global Security)
The end-goal of most proactive security defense mechanisms is to avoid zero-day exploits. Yet, are we prepared to deal with our worst-fear when it occurs? I will share my experience in the trenches of managing zero-day exploits and provide insight to the recurring pattern I see in detecting, protecting, and reacting against exploits. I will discuss the good as well as the bad from our lessons learned.
Vic Chung is a Product Security Architect with SAP Global Security. Vic is responsible for vulnerability disclosure reported by security researchers and hackers. Vic has a decade of experience in technical program management and has worked on topics related to usability, intellectual property, and security. Vic enjoys deep and thought-provoking conversations to take our industry forward, and is always on the look-out for innovative ways across disciplines to security.
The Common Vulnerability Scoring System - by Renchie Abraham (SAP Global Security)
The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software vulnerabilities.
CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat.
CVSS is currently the 'industry standard' for representing the severity of a vulnerability and is used by companies like Cisco, Juniper, SAP, Oracle, Microsoft, Intel, Dell, etc.
Renchie Joan Abraham is a Product Security Specialist with SAP Global Security. Renchie is responsible for case-management of vulnerabilities reported by external researchers and is the co-lead for Security Patch Day Governance activities at SAP. He represents SAP at FIRST CVSS-Special Interest Group, and is one of the contributors of CVSS v3. Renchie acts as the global CVSS lead for SAP to ensure reported security vulnerabilities are prioritized in accordance to industry best-practices. Renchie is CSSLP- and CCSK-certified, and has a Bachelor’s degree in Electronics and Communication Engineering from Anna University, India. When not working, you can find Renchie trekking in the wilderness of British Columbia.
There are limited seats at this venue so you must RSVP to attend. If the session is fully booked you will only be offered an option to register for the waitlist.
If you need to cancel your registration please contact the organizer or cancel via Eventbrite so that someone else can take your spot.