Tweet
Title: Checklist For Aviation Vulnerability Disclosure: Don't Go It Alone
Description:
Cybersecurity vulnerabilities are ever present in IT and OT systems and the aerospace sector is not exempt from these findings. What should a researcher or vendor do when they find a vulnerability? This is a common question but can have many and variety complex answers. Showing how a few simple steps by each participant in the process of coordinated disclosure can decrease the stress of the efforts and result in trust among researchers and a more resilient aviation sector.
Major points will focus on:
- What researchers should be doing in preparation of disclosure.
- When a researcher should be looking for help with coordination.
- Questions vendor should be asking in preparation of a public disclosure.
- Each disclosure is a unique event and should be leveraged to build upon.
This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.
=====
Discord: https://discord.com/channels/7082082...94164209057793
Speaker(s): Jay Angus
Location: Aerospace Vlg
Discord: https://discord.com/channels/7082082...93044363444264
Event starts: 2020-08-08 11:30 (11:30 AM) PDT (UTC -07:00)
Event ends: 2020-08-08 12:00 (12:00 PM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-06T21:15 (UTC).
Description:
Cybersecurity vulnerabilities are ever present in IT and OT systems and the aerospace sector is not exempt from these findings. What should a researcher or vendor do when they find a vulnerability? This is a common question but can have many and variety complex answers. Showing how a few simple steps by each participant in the process of coordinated disclosure can decrease the stress of the efforts and result in trust among researchers and a more resilient aviation sector.
Major points will focus on:
- What researchers should be doing in preparation of disclosure.
- When a researcher should be looking for help with coordination.
- Questions vendor should be asking in preparation of a public disclosure.
- Each disclosure is a unique event and should be leveraged to build upon.
This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.
=====
Discord: https://discord.com/channels/7082082...94164209057793
Speaker(s): Jay Angus
Location: Aerospace Vlg
Discord: https://discord.com/channels/7082082...93044363444264
Event starts: 2020-08-08 11:30 (11:30 AM) PDT (UTC -07:00)
Event ends: 2020-08-08 12:00 (12:00 PM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-06T21:15 (UTC).