BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Hacking 8+ million websites - Ethical dilemmas when 
 bug\n   hunting and why they matter\n   When: Friday\, Aug 12\, 13:45 - 14
 :45 PDT\n   Where: Flamingo - Twilight Ballroom - AppSec Village - Main St
 age -\n   [1]Map\n\n   SpeakerBio:Rotem Bar\n   Today Rotem is the Head of
  Marketplace Integrations at Cider Security\,\n   which is focusing on rev
 olutionizing CI/CD security. During his free\n   time\, Rotem plays with r
 obotics\, bug-bounty and enjoys traveling with\n   his family.\n\n   Descr
 iption:\n   Many companies are reluctant to pay bug hunters to find and re
 port\n   vulnerabilities in software produced by a 3rd party.\n\n   In thi
 s lecture\, we explore the pros and cons of this approach and\n   demonstr
 ate why taking responsibility for 3rd party vulnerabilities is\n   actuall
 y better for everyone.\n\n   Using shared services and systems from 3rd pa
 rties is becoming more\n   and more common today. Because of that\, a vuln
 erability found in one\n   target may also affect the millions of others w
 ho use the same\n   vulnerable shared system. This situation raises import
 ant dilemmas for\n   everyone involved - the 3rd party vendor\, the millio
 ns of users\, and\n   the security researchers/bug hunters who identify th
 e problem.\n\n   This talk will showcase a vulnerability we found in a 3rd
  party\n   application. We will show the technical details of how it was f
 ound\,\n   but will focus primarily on how we handled the submissions\, bo
 th to\n   the vendor and affected clients.\n\n   We will discuss the diffe
 rent dilemmas we encountered: Who should be\n   contacted first? How do we
  make sure the exploit won’t be leaked\n   prematurely? How much time sh
 ould we allow for vendor response? Who\n   should release the CVE? And fin
 ally: What are the consequences of each\n   of these decisions for the ven
 dor\, the client\, and us?\n\n   '\n\n   1. https://defcon.outel.org/conso
 lidated_page.html#FlamingoThirdFloor\n\n\n
DTEND:20220812T214500Z
DTSTART:20220812T204500Z
LOCATION:APV - Flamingo - Twilight Ballroom - AppSec Village - Main Stage
SUMMARY:Hacking 8+ million websites - Ethical dilemmas when bug hunting and
  why they matter
END:VEVENT
END:VCALENDAR
