Responsible Disclosure - Who Cares

Explore the challenges and complexities of responsible vulnerability disclosure in this 35-minute conference talk presented by security assessment experts OJ Reeves and Dan Tentler at the 44CON Information Security Conference. Delve into real-world case studies of attempted disclosures to vendors with major device vulnerabilities, examining both successful and unsuccessful outcomes. Learn about the Atlanta LED billboard incident, including live demonstrations of ongoing vulnerabilities. Gain insights into the process of turning security disclosures into conference presentations. Follow OJ's first disclosure experience with a large consumer storage product vendor, from initial discovery to exploitation and prolonged vendor interactions. Understand the intricacies of vulnerability analysis, shodan searches, and step-by-step exploit explanations. Reflect on the importance of responsible disclosure and the challenges faced by security researchers in their efforts to improve cybersecurity.

Responsible disclosure who cares Presented By OJ Reeves & Dan Tentler