A smarter arms race: intelligence-driven security
Speaker: Marc Eisenbarth, HP
Over 10,000 vulnerabilities make up today's threat landscape, yet exploitation of only one percent of them has caused the majority of damage. Viewed in hindsight, the bulk of critical events can be attributed to vulnerabilities not being properly prioritized by security vendors and practitioners. In this session, we look at the question of prioritization from the attacker's point of view to determine why a hacker chooses a specific vulnerability out of the thousands of candidates. We’ll also provide unique insight into the discovery and disclosure of high-severity bugs through the HP Zero Day Initiative program. We’ll share the process we believe was used to rediscover and ultimately weaponize these vulnerabilities.