Building a Vulnerability Disclosure Program That Works for Election Vendors and Hackers

Explore the critical intersection of election security and vulnerability disclosure in this 39-minute Black Hat conference talk. Delve into the perspectives of both voting machine vendors and security researchers as they address the challenges and importance of protecting American democracy. Learn about the impact of the 2016 presidential election on scrutiny of voting technology, and discover how collaboration between vendors and hackers is improving election security. Gain insights into crowdsourced penetration testing, the Secure the Election Initiative, and the future of continuous security testing and supply chain audits in the electoral process. Engage with experts Chris Wlaschin and Mark Kuhr as they discuss building effective vulnerability disclosure programs and fostering cooperation between election vendors and the security community.

Introduction
Mark Core Introduction
State of Election Security
Crowdsource Security
Collaboration is Working
Crowdsource Pen Testing
Secure the Election Initiative
The Future
Continuous Security Testing
Supply Chain Security
Supply Chain Audits
Questions
Live Discussion
End Goal
Closing Comments