Preventing Authentication Bypass: A Tale of Two Researchers

By Ravi Jaiswal, Terry Zhang, Ron Chan on 08 Aug 2019 @ Black Hat
Format: Presentation
security-development-lifecycle
Focus Areas: DevSecOps

Abstract

"I discovered a critical security issue that lets an attacker compromise any other user's account without any user interaction."

Join Terry Zhang, Ron Chan, and a Microsoft engineer for the coordinated public disclosure of a critical elevation-of-privilege vulnerability. This is the story of a research collision between two security researchers and the emergency response investigation launched as a result of their vulnerability reports. Attendees will learn the techniques the researchers used to identify the vulnerability, how companies can partner effectively with researchers throughout the disclosure process to protect customers, and what application developers can do to write web applications more securely and avoid similar flaws.