The Benefits and Risks of Vulnerability Disclosure Programs
Offered By: HackerOne via YouTube
Course Description
Overview
Explore the legal landscape and practical considerations of vulnerability disclosure programs in this 36-minute conference session from Security@ 2017. Delve into the federal statutes, case law, and legal frameworks surrounding ethical hacking and vulnerability reporting. Examine the role of disclosure programs in cybersecurity, including their benefits and potential risks. Learn about key legislative efforts like the Warner Gardner Bill and analyze high-profile cases such as the Dru case and Google's Project Zero. Gain insights into implementing effective vulnerability disclosure programs, covering aspects like adoption, scoping, resource allocation, reporting mechanisms, and notification processes.
Syllabus
Introduction
Legal Framework
Federal Statute
Good Faith Exception
Consent Authorization Limits
Dru Case
Ninth Circuit
US v Carrera
Role of Vulnerability Disclosure Programs
Encouraging Vulnerability Disclosure Programs
Warner Gardner Bill
Benefits and Risks
Reasons for Caution
When a Vulnerability Disclosure Goes Wrong
Google's Project Zero
Considerations
Adoption
Scoping
Resources
Reporting
Notifications
Conclusion
Taught by
HackerOne
Related Courses
Ethical Hacking (Indian Institute of Technology, Kharagpur via Swayam)
Investigación en Informática Forense y Ciberderecho (University of Extremadura via Miríadax)
MSc Cyber Security (Coventry University via FutureLearn)
Network Security - Introduction to Network Security (New York University (NYU) via edX)
Network Security - Advanced Topics (New York University (NYU) via edX)