Recent vuln disclosure papers/presentations

[jkwilliams <jkwilliams () gmail com>]

Several interesting paper topics from WEIS05 (Workshop on the
Econcomics of Informatikon Security 2005) last week.
http://infosecon.net/workshop/schedule.php

In particular ...

"Impact of Software Vulnerability Announcements on the Market Value of
Software Vendors – an Empirical Investigation"
http://infosecon.net/workshop/pdf/17.pdf
http://infosecon.net/workshop/slides/weis_6_4.ppt
This one made the news: "Study: Flaw disclosure hurts software makers' stock"
http://www.theregister.co.uk/2005/06/07/flaw_disclosure_hurts_sofware_makers_stock/

"Internet Security, Vulnerability Disclosure, and Software Provision"
http://infosecon.net/workshop/pdf/9.pdf
http://infosecon.net/workshop/slides/weis_4_1.ppt

"Emerging Issues in Responsible Vulnerability Disclosure" 
http://infosecon.net/workshop/pdf/cavusoglu.pdf
http://infosecon.net/workshop/slides/weis_4_3.ppt

"Economic Analysis of Incentives to Disclose Software Vulnerabilities"
http://infosecon.net/workshop/pdf/20.pdf
http://infosecon.net/workshop/slides/weis_8_1.ppt

"The Likelihood of Vulnerability Rediscovery and the Social Utility of
Vulnerability Hunting"
http://infosecon.net/workshop/pdf/10.pdf
http://infosecon.net/workshop/slides/weis_8_2.ppt

"An Empirical Analysis of Vendor Response to Disclosure Policy"
http://infosecon.net/workshop/pdf/41.pdf
http://infosecon.net/workshop/slides/weis_8_3.ppt


Print them out.  Use them for bathroom reading.  I'm sure you can find
a couple to wipe with afterwards.

Regards,
kw

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave