Be the first to like this
The tech world does not live in silos: security vulnerabilities can impact an entire ecosystem (case in point Meltdown and Spectre).
This session will introduce different patterns for managing the disclosure of security vulnerabilities in use today: we will look at what different types of vendors (distros, product vendors, cloud providers or a combination of them) and the Xen Project security team do from the discovery of a vulnerability to it being deployed. We will also look at the interaction between the Xen Project and these downstreams in the context of our security policy.
This talk will give you a glimpse into a quite extensive machinery which kicks into gear across different organisations when security vulnerabilities are discovered and fixed behind the scenes.