Cyber Defence-program |
Vulnerability Handling
|
Belgrade - Serbia
Date:
Fees - 400 Eur / per participant
Date:
Fees - 400 Eur / per participant
Vulnerability Handling
To provide a practical overview of the vulnerability handling process and how vulnerabilities reported to a CERT team should be handled. Also, to provide some hands-on experience with difficult situations that may arise through the role of coordinator.
The objective of the exercises is to provide a practical overview of the vulnerability handling process and how vulnerabilities reported to a CERT team should be handled. Students will learn:
Who the key players are, and the main phases of the vulnerability handling process;
The main responsibilities of a CERT team involved in a vulnerability case;
How to design a vulnerability disclosure policy suitable for their CERT; and
How to deal with difficult situations that may arise through their role as a coordinator.
Exercises:
Task 1: Discussion: Responsibilities of a CERT team in a vulnerability case
Task 2 Discussion: Vulnerability disclosure – advantages and disadvantages
Task 3 Designing a vulnerability disclosure policy
Task 4 Role-playing game: Introducing CERT coordination in a vulnerability case
Task 5 Identification of vulnerability handling phases [optional, if needed or there is a special interest from the students]
Task 6 Coordination of a single and multiple vendor case [optional, if needed or there is a special interest from the students]
Target Audience: Managers and incident handlers.
To provide a practical overview of the vulnerability handling process and how vulnerabilities reported to a CERT team should be handled. Also, to provide some hands-on experience with difficult situations that may arise through the role of coordinator.
The objective of the exercises is to provide a practical overview of the vulnerability handling process and how vulnerabilities reported to a CERT team should be handled. Students will learn:
Who the key players are, and the main phases of the vulnerability handling process;
The main responsibilities of a CERT team involved in a vulnerability case;
How to design a vulnerability disclosure policy suitable for their CERT; and
How to deal with difficult situations that may arise through their role as a coordinator.
Exercises:
Task 1: Discussion: Responsibilities of a CERT team in a vulnerability case
Task 2 Discussion: Vulnerability disclosure – advantages and disadvantages
Task 3 Designing a vulnerability disclosure policy
Task 4 Role-playing game: Introducing CERT coordination in a vulnerability case
Task 5 Identification of vulnerability handling phases [optional, if needed or there is a special interest from the students]
Task 6 Coordination of a single and multiple vendor case [optional, if needed or there is a special interest from the students]
Target Audience: Managers and incident handlers.