Just what is a Zero day attack? When does the clock start ticking? What happens next?In this talk we’ll cover how the CVE (Common Vulnerabilities and Exposures) process works, explore the timelines of a few famous CVEs and uncover the truth about ethical reporting.
As Cyber Attacks become an existential threat, it’s critical that all software developers understand the role the CVE process plays in helping us keep our defenses strong—and where it can go wrong or be subverted.
From bug bounties and bad actors to unsung developer heroes and incredible researchers, it’s time to buckle up for a wild ride as we show you what CVEs are really all about.
Theresa Mammarella is a software engineer at IBM, specializing in Eclipse OpenJ9 JVM and native image prototyping. She enjoys helping developers harness the full potential of their tools to create innovative solutions. Theresa actively contributes to the open-source community collaborating on various projects and is a regular conference speaker.
When she's not coding, Theresa loves to spend her time volunteering with animal rescues and exploring the great outdoors, where she can often be found hiking, camping, or simply soaking up nature's beauty.
Kadi (Grigg) McKean is a Developer Advocate in the DevOps / DevSecOps realm, whose passion for this dynamic field ignited during her early experiences with COBOL development and Mainframe solutions. Currently thriving at Endor Labs, Kadi works as collaborator alongside developers and security researchers, helping other to prioritize OSS risk and safeguard applications from potential threats.
Outside of work you can more than likely find her reading, cooking new recipes, and adventuring to new places.