Skip to content ↓ | Skip to navigation ↓

Have you ever had one of those moments where, in the movie of your life, the actor playing you will voice over with the words, “I should have immediately known I’d come to regret this decision”? Seeing the RSA Call for Speakers suggest originality in the presentation style (via mention of a rock opera) sent us down the path of a mock trial.

While initially excited, we’ve definitely questioned our choice more than a few times and, come February 14th, we’ll put our plan into action. Stop by Moscone North 131 at 1:15 PM to find out if brilliance or hilarity will ensue.

All joking aside, we’re really excited for this presentation. Speaking about the importance of security bulletins by putting the current state of security bulletins on trial is really important to us. Doing it on the first Patch Tuesday without bulletins from Microsoft nearly makes it historic.

From the opening statement through direct and cross examinations all the way to the closing argument, we’ll demonstrate that while we’re not really lawyers, we’re definitely passionate about security bulletins. After more than a decade of looking at more security bulletins than any sane person should, you realize that vendors should be doing better, that communication should be more on point.

We spent time studying how the abundance of meaningless information has created information obscurity in our own community. We coined this burden that those in IT Operations feel as ‘Patch Fatigue,’ and we have continued to investigate it and discuss it with everyone we can.

This presentation will be a continuation of that conversation. We’ll look at how information overload could be eased with proper security bulletins that deliver the important information and offer a method of standardization that all vendors could apply to their security bulletins.

While we may not have chocolates and flowers, this Valentine’s Day we have a better gift for the information security community: a method of alleviating Patch Fatigue and reducing vendor created Information Obscurity.

Come and join us for entertainment and information.

SANS White Paper: Security Basics