Loading…
The Open Web Application Security Project (OWASP) Los Angeles Chapter has teamed up with the Orange County, Inland Empire, San Diego, and San Francisco Bay Area chapters to bring you another great AppSec California. Join us and your peers for amazing talks and networking on January 22-25, 2019!
Thursday, January 24 • 2:00pm - 2:50pm
It depends....

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
From the time we choose to rise each morning, to the time we finally rest our heads, almost every decision made in our daily lives, depends on something. When we understand these dependencies, we are better equipped to control our responses. Managing vulnerability response is no different. In fact, the quality of a response correlates closely to the degree in which dependencies are known and understood. This is especially clear when managing the response for third party components. As developers incorporate more and more open source and commercial third party components into their products, the complexity of these dependencies continues to increase, threatening the ability of a PSIRT to provide quality vulnerability response. A framework for managing dependencies (and their dependencies!), is critical to enabling developers to understand the downstream impact of decisions (made upstream) on a PSIRT. A framework opens the door for PSIRTs to shape the decisions that are made around third party components, much earlier in the product lifecycle. By driving a dialogue through dedicated PSIRT controls upstream, we lay the foundation for a PSIRT response that truly shifts from reactive to proactive. In this talk, come and learn about the framework that Dell EMC has used with good success!

Speakers
avatar for Kristen Pascale

Kristen Pascale

Principal, Technical Program Manager, Dell EMC
Kristen Pascale has worked as part of the Dell Product Security Incident Response Team (Dell PSIRT) for over 6 and a half years. While Kristen’s time at Dell EMC has been primarily focused on handling and responding to vulnerabilities in third party software, she has also been involved... Read More →
avatar for Tania Ward

Tania Ward

Consultant Program Manager, Dell
Tania Ward has worked as a program manager within Dell Product Security Incident Response Team for just under 6 years. In that time, she revamped the vulnerability response program, instituted company wide KPIs and participated in a number of FIRST initiatives. Tania is from Northern... Read More →



Thursday January 24, 2019 2:00pm - 2:50pm
Terrace Lounge