Lancope to Present Joint Research at Virus Bulletin in Berlin
Joint presentation to discuss best practices for public disclosure of vulnerability exploitation
ATLANTA, Sept. 30, 2013 /PRNewswire/ — Lancope, Inc., a leader in network visibility and security intelligence, will present with Microsoft at Virus Bulletin 2013 in Berlin, Germany on Wednesday, October 2. Lancope’s Director of Security Research, Tom Cross, will co-present a session with Holly Stewart, Sr. Program Manager Lead at Microsoft Malware Protection Center, covering best practices for public disclosure of the fact that a security vulnerability is being exploited in the wild. The session will define the difference between vulnerability disclosure and disclosure of exploitation, and illustrate scenarios in which exploitation information can help the public defend against active threats, as well as scenarios in which exploitation information can result in increased attack activity.
Cross and Stewart will discuss the ethics and timing of exploitation disclosure, presenting examples from various real-world case studies. “Disclosing the fact that exploitation is occurring is important for many reasons, including helping IT professionals and software vendors prioritize defensive efforts,” said Stewart. “However, exploitation disclosure can also attract the attention of attackers and accelerate attack activity.”
“New vulnerabilities may be uncovered by security professionals in the course of analyzing malware samples or investigating breaches,” said Cross. “These security professionals are faced with a challenging ethical dilemma. There is attack activity going on that needs to be stopped as soon as possible, but the responsible software vendor may not know about the vulnerability in question and may need time to prepare a patch. As these circumstances have become increasingly common, it is important to understand the associated ethical considerations.”
Should security professionals inform the public when they discover that a new vulnerability is being targeted in the wild? When, and under which circumstances? During the presentation detailed below, Microsoft and Lancope will discuss various factors that can help determine the answers to those questions, including the scope of the attacks, how much information is available on the vulnerability and whether a fix has been developed.
WHO: Tom Cross, Director of Security Research, Lancope, Inc.
Holly Stewart, Sr. Program Manager Lead, Microsoft Malware Protection Center
WHAT: "Can alerting the public about exploitation do more harm than good?"
WHEN: Wednesday, October 2, 2:00 p.m. CEST
WHERE: Virus Bulletin 2013, Berlin, Germany
DETAILS: https://www.virusbtn.com/conference/vb2013/abstracts/CrossStewart.xml
The Virus Bulletin conference is an annual event bringing together leading IT security experts from around the world to discuss the global threat landscape. Further details on the conference program can be found here.
Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope’s security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visit www.lancope.com.
SOURCE Lancope, Inc.