This is an activity of FIRST Special Interest Group - Internet Infrastructure Vendors. For all information on these events please contact Damir Rajnovic <email@example.com>.
The goal is to bring together product security teams and enable them to exchange their experiences and best practices. This includes teams that are either handling technical or coordination aspects of product security. The field of product security is unique in the sense that it is not related only to a specific technical challenges (e.g., testing, programing) but also includes aspects of project management, legal and managerial issues.
These meetings are open to all vendor teams irrespective if the are members of SIGIIV or FIRST or not. Relevant guests are also welcomed. However, the SIGIIV moderators can use their discretion and refuse participation if necessary.
The second meeting of Product Security Teams will be held in 2005-Nov-16 and will be hosted by Oracle at Redwood Shores, California, USA. The meeting is adjecent to FIRST Technical Colloquia.
Attendees are invited to submit papers, tutorials or propose panel session, on any of topic of interest. Topics of interest include, but are not limited to:
All submition should be sent to Damir Rajnovic <firstname.lastname@example.org> no later then 2005-Aug-31. The submition should have the subject line "PSTM - Paper submission" and must contain the type of the proposal (paper, discussion), duration (if not specified 45 minutes is the default), abstract and contact details (e-mail and telephone number). Submitters will be notified no later then Sep-15.
Currently the following organizations either confirmed their presentations or expressed interest to present during the event. Topics and presenters are tentative and subject to change.
|TBD||Welcome, Damir Rajnovic, Cisco Systems|
|TBD||CERT/CC processes during vulnerability coordination, Art Manion, CERT/CC|
|TBD||JPCERT/CC processes during vulnerability coordination, Yurie Ito, JPCERT/CC|
|TBD||Usage of OVAL in producing security Advisores, Masato Terada, Hitachi Ltd.|
|TBD||OVAL markup scheme, MITRE|
|TBD||Legal aspects of handling product vulnerabilities, Tara Flanagan, Cisco Systems|
Further information will be posted as they becomes available.