BSidesSF 2018 has ended
Back To Schedule
Sunday, April 15 • 1:30pm - 2:00pm
So you think you can patch: The game show that questions your security assumptions

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Few people know that the game show was actually a Victorian invention, although they were a bit more erudite in the airship era. In this week’s episode of “So you think you can patch,” we explore what happens when patching isn’t so simple. Contestants and the audience will face situations when security updates may not be the straightforward solution, for end users or modern enterprises. How will they handle notice, failure, and bricking? Should this sort of thing be mandated by law, contract, or risk of lawsuit? What policies, technologies and market solutions can help? Our contestants will be humiliated for wrong answers and failing to appreciate the nuance of security, and everyone will win as they gain a better understanding of how solutions need to reflect and build on the realities on the ground.


John Banghart

Senior Director, Venable LLP
Former government lackey, current private sector lackey. Has spent 25 years patching systems, developing standards for vulnerabilities, developing infosec policy, and telling other people why they should or shouldn’t patch their stuff.
avatar for Allan Friedman

Allan Friedman

Director of Cyber Security Initiatives, NTIA
Wearing the hats of both a technologist and a policy maker, Allan has over 15 years of experience in international cybersecurity and technology policy. His experience and research focuses on economic and market analyses of information security. On the practical side, he has designed... Read More →

Kent Landfield

Chief Standards & Technology Policy Strategist, McAfee
Former chief vulnerability architect turned policy wonk (sliding to the dark side) working with and developing vulnerability-related standards and initiatives such as CVE. Identification and remediation rules!

Wendy Nather

Director, Advisory CISOs, Duo Security
Former gnome of Zurich, government lackey, industry analyst, and threat intel sharer — which means she is never surprised by a lack of patching. She’s now trying to make things better by playing for Duo Security.

Sunday April 15, 2018 1:30pm - 2:00pm PDT