Calculating Risk in the Era of Obscurity - Reading Between the Lines of Security Advisories

Explore systemic issues with security patches and their impact on enterprise security in this 40-minute Black Hat conference talk. Learn about proposed methods to incentivize vendors to enhance their servicing practices, including alternative disclosure timelines for failed patches. Gain insights on how to interpret security advisories effectively and understand the importance of prioritizing purchases based on vendors' impact on risk through servicing. Presented by Dustin Childs and Brian Gorenc, this talk encourages security professionals to adopt similar disclosure timelines and empowers customers to make informed decisions in the era of obscurity.

Calculating Risk in the Era of Obscurity: Reading Between the Lines of Security Advisories