PaF (Patch and Fix) is a methodology focused on getting hands on towards a solution as oposed to RaD (Report and Discuss). I developed this approach when I was the CISO of a cryptocurrency exchange called Lescovex. This approach is common in certain free software projects and hacking communities. In this talk we will see how adopting such approach correctly can help us improve the security of our organizations by enabling those who can help us address the problem. Some of the side effects of PaF include: CISOs being seen as helpful contributors by people involved in development and system administration, auditors being seen as a valuable source of insight and development teams becoming better at handling security proactively and less inhibed at raising questions.
Speakers for PaF || STFU:
Metadata for PaF || STFU
To be recorded: YesURLs for PaF || STFU
Recording: https://www.youtube.com/watch?v=agJpRkFcz-8
Schedule for PaF || STFU
- Sunday, Aug 11th, 2019, 19:00 (CEST) - Sunday, Aug 11th, 2019, 20:00 (CEST) at Speakers Tent