It's Vulnerable... Now What? Three Diverse Tales of Woe and Remediation


Comments are closed.

This talk was incredibly fascinating. To be honest, it was nearly an accident that I attended-- I didn't think the description sounded that useful for me-- but I'm very glad that I did.

Mark clearly knows his stuff, and I appreciated his relaxed and engaging way of presenting it. After mostly seeing "Top 10 OWASP Vulnerabilities"-type presentations, it was really nice to see a presentation that was less remedial. The stories were really interesting, and opened my eyes to a few types of vulnerabilities I wasn't previously familiar with. I also feel a lot more confident about reporting security fixes in the future, and what my rights are in that circumstance.

Honestly, if I have any feedback, it's to revisit the description for the talk. Yes, you certainly talked about how to report, but you also gave convincing arguments for why *I* should think of myself as someone who can find security vulnerabilities, and gave me a lot of food for thought in my own coding.