A security researcher submits their vulnerability report to an open source project (when they can find a confidential way to do so!). That launches several events in the affected project. In this talk, Marta will explain the reasons behind typical reactions. The main part will focus on common myths, misunderstandings, and communication errors that arise in these situations. The goal is to foster a better understanding between security researchers and project teams....
By: Marta Rybczynska
Full Abstract and Presentation Materials:
www.blackhat.com/eu-23/briefi...