Bug Collisions Meet Government Vulnerability Disclosure

Explore the intricacies of government vulnerability disclosure in this 49-minute Black Hat conference talk. Delve into the Vulnerability Equities Process (VEP) and its role in determining whether software vulnerabilities known to the U.S. government are disclosed or kept secret. Examine the critical factor of assessing the likelihood that other parties may have discovered the same vulnerability. Join experts Jason Healey, Katie Moussouris, Kim Zetter, Lillian Ablon, and Trey Herr as they discuss the intersection of bug collisions and government disclosure policies. Gain insights into the complex decision-making process behind vulnerability management and its implications for cybersecurity.

Bug Collisions Meet Government Vulnerability Disclosure