For the best user experience please upgrade your browser
Loading Events


  • This event has passed.

ASRG LiveStream

08.04.21 @ 5:00 pm - 6:00 pm

The Internet, United Kingdom

Ken Munro will be presenting: Time TBC.

A YouTube live stream link will be provided closer to the event.

Vulnerability Disclosure Programs. How to make a VDP work

In this session we’ll share our experience of disclosing vulnerabilities. The good, the bad, and the downright shameful. You’ll also be given some choice insights into the process itself, with real examples, and how first contact does, in most cases lead to the vulnerability being fixed and rolled-out.

Most importantly though we’ll guide you on what a VDP can look like, and how you should develop and manage one:

  • A VDP is about culture and communication
  • Empowering your Product Security Incident Response Team (PSIRT)
  • Making Contact Easy
  • Briefing Your Staff
  • Keeping marketing and PR OUT of initial discussions
  • Accepting Constructive Criticism
  • Fixing The Vulnerability
  • Bug Bounties
  • Good VDP + responsible researchers = customer win


5:00 pm - 6:00 pm


The Internet
The Internet, MK18 2LB United Kingdom + Google Map