Working with the Security Community - A Decade of Evolution

Explore a decade of security community evolution in this 44-minute conference talk from AppSec California 2016. Gain insights from Dave Lenoe, Director of Secure Software Engineering at Adobe, as he reflects on the changing landscape of application security and incident response. Discover how community interactions have transformed over the years and what the future may hold. Learn about key topics including security research, vulnerability reporting, the role of security vendors, crowdsourced vs. traditional penetration testing, collaboration strategies, customer relationships, and the importance of metrics and sharing findings. Benefit from Lenoe's extensive experience in product security, incident response, and secure software engineering as he shares valuable perspectives on the security industry's past, present, and future.

Intro
Background
Listicle
Security Community
Security Researchers
Vulnerability Report Forms
No one is evil
Security vendors
Crowdsource vs traditional pentest
Collaboration
Customers
Path of Least Resistance
Example
Metrics
Reports
Sharing Findings