This one-day course is designed for managers and project leaders who are trying to respond to vulnerabilities reported in their products. This course will provide a high-level overview of the key issues, processes, and decisions that must be made to build your organization's vulnerability response capability. As part of the course, attendees will develop an action plan that can be used as a starting point in planning and implementing their vulnerability response capability.
The course is composed of lectures and class exercises. Participants will learn the requirements for establishing an effective vulnerability response capability, the various organizational models, the variety and level of services that can be provided, and the types of resources and infrastructure needed to support a team. Additionally, attendees will identify policies and procedures that should be established and implemented when creating a vulnerability response capability.
By the end of this course, you will understand the importance of a vulnerability response capability and how it can demonstrate to current and potential customers, business partners, security researchers, the media, and the general public that you take product security seriously.
This course will help participants to
This course has no prerequisites.
Participants will receive a course notebook, vulnerability response action plan, and a downloadable copy of course materials.
This one-day course meets at the following times:
9:00 a.m.-5:00 p.m.
Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials.