ISSA Middle Tennessee Chapter

February Chapter Meeting

  • 02/18/2022
  • 11:30 AM - 1:00 PM
  • Vaco, 5501 Virginia Way, Suite 120, Brentwood, TN 37027
  • 14

Registration


Registration is closed

Please note: Registration is limited for the in-person location. This meeting will also be live streamed so you can register for a virtual session.  Please choose carefully when registering! 

Join us for our next chapter meeting ... 

February's meeting sponsor is:



"Bug Bounties and Exploit Intelligence"

Nearly every organization claims to do vulnerability research and threat intelligence, but what does that really mean? As the world’s largest vendor agnostic bug bounty program, Trend Micro's Zero Day Initiative (ZDI) is uniquely positioned to understand the latest exploits and techniques. Various marketplaces exist for such security research, and the current gray and black markets can be as robust as their white market counterparts. At each stage of this process, information about the vulnerability equates to a monetary value, and, depending on how this information is disseminated, that monetary value can drastically change. Like any open market, various factors can spur changes in supply and demand, and market actors can shape what types of research either becomes public – or finds its way into an active exploit.

Dustin will discuss and show how bug reports submitted to the program allowed the ZDI to effectively crowd-source vulnerability intelligence by showing industry trends and state-of-the-art exploitation methodologies. He will also cover case studies on how these reports impacted the broader ecosystem. Bounty programs can also direct research and even predict future trends in exploitation. Even if you don’t actively participate in the exploit economy, it impacts the security of your enterprise. The most obvious way this manifests is through security patches that result from submissions to bug bounty programs, but other factors have wide-reaching impacts. Understanding the source of threat intelligence and the exploit economy are vital for getting proactive with your network defenses rather than merely reacting to threats.

Speaker:  Dustin Childs, CISSP, Senior Communications Manager


Dustin C. Childs is a part of Trend Micro’s Zero Day Initiative (ZDI), which is the world’s largest vendor agnostic bug bounty program. Dustin began his infosec journey in the late 1990’s at the Air Force Information Warfare Center. He then transitioned from active duty to defense contractor. Following this role, Mr. Childs worked in the Microsoft Trustworthy Computing  group, where he served as a case manager in the Microsoft Security Response Center (MSRC) with a focus on addressing vulnerabilities in the Windows operating system and in Microsoft’s developer tools. In his current role, Mr. Childs creates, implements, and oversees communications programs, both internal and external, that promote the work of ZDI and its researchers.


In-Person Location:

Vaco

5501 Virginia Way, Suite 120

Brentwood, TN 37027


When:

February 18, 11:30 AM to 1:00 PM

**************************************************

Link for virtual meeting:

https://global.gotomeeting.com/join/131331077

You can also dial in using your phone.
United States: +1 (872) 240-3212

Access Code: 131-331-077

We will have two giveaways for this meeting:

  • Our traditional door prize giveaway will continue for our monthly chapter meetings. All members in good standing who attend the event, either in person or via the live webinar, will be eligible.
  • The meeting sponsor will also hold a drawing for a $200 Amazon gift card! In order to be eligible, you must select to opt-in during the event registration process.


If you prefer postal mail, our address is: 

Middle Tennessee ISSA Chapter

P.O. Box 1431

Brentwood, TN 37027-1431

Powered by Wild Apricot Membership Software