Program Overview

This event brings together PSIRT and incident response leaders on a wide range of topics of interest to anyone in a PSIRT role.

Wednesday, 4 March

PSIRT TC
Full-day Plenary (Times listed in EDT)
08:00 – 09:00

Registration

09:00 – 09:30
 US

Welcome

Josh Ament (NetApp, US)

09:35 – 10:05
 FI

How 5G Got Hacked

Lasse Laukka (Ericsson PSIRT – Ericsson, FI)

10:10 – 10:55
 US

Cheaper by the Dozen: application security on a limited budget

Christopher J. Romeo (Security Journey, US)

11:00 – 11:45
 US

Open is the Default: a year in the life of commercial open source

C Rob (Red Hat Product Security – Red Hat Inc, US)

11:45 – 12:35

Lunch

12:35 – 13:20
 US

How to add security vulnerability detection to a build pipeline

Adam Wallis, Jessica Butler (NVIDIA, US)

13:25 – 14:10
 US

Yield the Mallet: Efforts to Stop Playing Whack-a-Mole

Jorge G Lopez (MSCERT – Microsoft, US)

14:15 – 15:15
 US

Birds of a Feather - Advancing Your PSIRT Maturity Model with Software Composition Analysis (SCA)

David Spencer (Dell PSIRT – Dell Technologies, US); Tricia Tarro (Dell PSIRT – Dell Technologies , US)

15:15 – 15:30

Snack

15:30 – 16:15
 US

Birds of a Feather - Moving the needle on your program's maturity

C Rob (Red Hat Product Security – Red Hat Inc, US)

16:20 – 17:20
 US

Collecting PSIRT Metrics That Drive Change

Brian English (SAS Technical Support – SAS Technical Support, US); Sallie Newton (SAS Product Security Office, US); Steve Hart (SAS Institute, US)

18:00 – 20:00

Social Event

Thursday, 5 March

PSIRT TC
Presentations and Birds of a Feather (BoF) discussions ((Times listed in EDT)
09:00 – 09:45
 US

Automating Vulnerability Mapping from Tools

Dee Annachhatre, Jessica Butler (NVIDIA, US)

09:50 – 10:35

The State of Third-Party Software Security in 2020

Omar Santos (Cisco)

10:40 – 11:10
 US

Finders Are Our Friends

Katie Noble (Intel, US); Priya Iyer (Intel FIRST Team – Intel Corporation, US)

11:15 – 11:45
 US

Neurodiversity and Our Finders

Sarah Jacobus (Microsoft, US)

11:45 – 12:30

Lunch

12:30 – 13:00

Choose Your Own Disaster! Zippy Spacedirt and the Spiders from the WEB!

CRob (RedHat)

13:40 – 14:25
 US

VINCE for Multiparty Vulnerability Coordination

Emily Sarneso (CERT/CC – CERT Coordination Center, US)

14:25 – 15:10
 US

How is Your PSIRT Structured?

Jeremy Keila (Johnson Controls, US)

15:15 – 15:30

Snack

15:30 – 16:15
 US

Stakeholder-Specific Vulnerability Categorization (SSVC)

Art Manion (CERT/CC, US)

16:20 – 16:50
 US

THANGRYCAT and Secure Boot

Dario Nicolas Ciccarone (Cisco PSIRT – Cisco Systems, US)

16:50 – 17:00

Wrap-Up