Presented at
Diana Initiative 2023,
Aug. 7, 2023, 11 a.m.
(30 minutes).
Security researchers around the world are doing a great job reporting security vulnerabilities to affected vendors and companies to help protecting users world-wide. We all enjoy learning the technical details and stories behind the vulnerabilities. However, the process of Coordinated Vulnerability Disclosure (CVD) is not always straightforward as it seemed. When a coordinated vulnerability disclosure involves multiple vulnerability and/or vendors, there are a lot more goes into the disclosure process. The Microsoft Vulnerability Research (MSVR) program has been a part of many different CVDs and we are the middle-man that ensures the disclosure is done responsibly.
This talk will present you with some insight into the "invisible" but important portion of the CVD that we don't often see or hear about that involves the case management team that coordinates these disclosures.
Presenters:
-
Tina Zhang-Powell
- Microsoft
Tina Zhang-Powell is a Senior Security Program Manager at Microsoft Security Response Center (MSRC) as part of the team that handles all security vulnerabilities that are reported for Microsoft’s product and services. She constantly strives to seek collaborative opportunities and create inclusive professional work environments for all.
Links:
Similar Presentations: