This coming Tuesday, June 14th, from 1:00 – 2:30 p.m., join Tom Cignarella, Director of our Security Coordination Center (SCC), and Dave Lenoe, Director of Product Security, at the FIRST Conference in Seoul, Korea, for an insightful look back at the past 10 years of our work in incident response. Incident response at Adobe started off when the Product Security team was first formed working mostly on coordinated disclosure (called ‘responsible disclosure’ back then) of vulnerabilities from security researchers and partners. After a couple of years, relying on coordinated disclosure became more challenging as exploits in the wild against Adobe products began to proliferate. As the product and threat landscape evolved further, with hosted services entering into the mix, we began to see that vulnerability response and traditional network incident response were overlapping, and a new approach was required to tackle these changes.
Tom and Dave will talk about our journey, lessons we’ve learned along the way, detail our new approach now that we are a cloud services-based company, and where we see our incident response programs going in the future. You can also get a preview from Tom and Dave on this talk via a podcast from the FIRST team. If you are attending the FIRST Conference in Seoul, please join us or grab Tom or Dave in the hallway to share stories.