PaF (Patch and Fix) is a methodology focused on getting hands on towards a solution as oposed to RaD (Report and Discuss). I developed this approach when I was the CISO of a cryptocurrency exchange called Lescovex. This approach is common in certain free software projects and hacking communities. In this talk we will see how adopting such approach correctly can help us improve the security of our organizations by enabling those who can help us address the problem. Some of the side effects of PaF include: CISOs being seen as helpful contributors by people involved in development and system administration, auditors being seen as a valuable source of insight and development teams becoming better at handling security proactively and less inhibed at raising questions.
MetadataTo be recorded?: Yes
URLs for PaF || STFU
No URLs found.
- Sunday Aug. 11 19:00 - 20:00 at Speakers Tent