Brian Gorenc
Brian Gorenc is the Vice President of Threat Research at Trend Micro. In this role, he leads a globally dispersed research organization responsible for the delivery of comprehensive protection technology and threat intelligence to defend against sophisticated attacks. Gorenc is also responsible for the Zero Day Initiative (ZDI) program, which represents the world's largest vendor-agnostic bug bounty program. The ZDI works to expose and remediate weaknesses in the world's most popular software. Brian is also responsible for organizing and adjudicating the ever-popular Pwn2Own hacking competitions.
Before joining Trend Micro, Gorenc worked for Lockheed Martin on the F-35 Joint Strike Fighter (JSF) program. In this role, he led the development effort on the Information Assurance (IA) products in the JSF’s mission planning environment. In addition to degrees from Southern Methodist University and Texas A&M, Brian holds multiple certifications including (ISC)2's CISSP and CSSLP.
Session
This talk looks at some of the best of the worst examples of disclosing bugs to vendors. We'll go behind the scenes to show the sometimes gory details and laughable farces of bug disclosure. Finally, we'll offer some advice to those who may be on the receiving end of disclosure to help them ensure they don't end up in version 2.0 of this talk.