Loading…
May 10-12, 2023
Vancouver, British Columbia, Canada + Virtual
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (UTC/GMT -8). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Thursday, May 11 • 4:05pm - 4:45pm
Simplifying Coordinating Vulnerabilities & Disclosures in Open Source Projects - CRob, Intel & Madison Oliver, GitHub

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
As an open source maintainer or project contributor you wear a lot of hats. Some hats may be familiar (“tester”or “hacker”), while others may be alien and scary (such as coordinated vulnerability disclosure (CVD) ). Handling vulnerabilities can be some of the most stressful and unknown areas a developer might have to work with throughout their careers. The Open Source Security Foundation’s (OpenSSF) Vulnerability Disclosures Working Group is here to help! Decoding the mysteries and jargon that exists within the shadowy world of security researchers and security teams can be challenging, which is why the OpenSSF has created several useful guides to help assist open source developers to prepare for the day they get a vulnerability report from a stranger. Come learn about tools, templates, and best practices to make these interactions less stressful and more frictionless. So no matter what hat you like, the Vuln Disclosure working group has one that fits you!
Speakers
avatar for Christopher (CRob) Robinson

Christopher (CRob) Robinson

Director of Security Communications, Intel
Christopher Robinson (aka CRob) is Director of Security Communications at Intel Product Assurance and Security CRob is a 42nd level Dungeon Master and a 25th level Securityologist. CRob has been involved in upstream open source security for a decade, and spent 6 years helping lead... Read More →
avatar for Madison Oliver

Madison Oliver

Senior Manager, Advisory Database Curation, GitHub
Madison Oliver is a senior security manager at GitHub managing the advisory database curation team. She’s passionate about vulnerability response and disclosure. Her views are enriched by prior experience as a product incident response analyst at GitHub and a vulnerability coordinator... Read More →

OSS NA 2023 Simplifying coordinating vulnerabilities & disclosures in open source projects (1) pdf
Thursday May 11, 2023 4:05pm - 4:45pm PDT
211 (Level 2)
  Open Source Leadership Summit, Security and Risk Management