Building a Product Security Incident Response Team - Learnings From the Hivemind
Offered By: Black Hat via YouTube
Course Description
Overview
Discover how to establish and operate a Product Security Incident Response Team (PSIRT) in this informative Black Hat conference talk. Learn about the essential components of PSIRT processes, including vulnerability report handling, collaboration with development teams, customer support, and communications. Gain insights into implementing incident response mechanisms for small to medium-sized companies with limited security resources. Explore common SIRT structures, role responsibilities, and the integration of PSIRT within the Security Development Lifecycle (SDL). Delve into the incident response process, internal policies, and public documentation practices. Acquire practical knowledge on SIRT toolkits, data management, and potential pitfalls to avoid. Benefit from templates, actionable recommendations, and best practices derived from mature security response organizations. Access free resources to support your product incident response program development.
Syllabus
Intro
AGENDA
BUT WHAT ABOUT ISO STANDARDS!?
COMMON SIRT STRUCTURES
TYPICAL ROLE RESPONSIBILITIES
SDL OVERVIEW
INCIDENT RESPONSE PROCESS
INTERNAL POLICY
PUBLIC DOCUMENTATION
TOOLKIT
DATA MANAGEMENT FOR SIRTS
PITFALLS
FREE RESOURCES
QUESTIONS
Taught by
Black Hat