© 2010 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
David Lenoe | Wendy Poland
Bullseye on Your Back: Life on the Adobe Product Security Incident Response Team


Who Are You?
- Software vendors?
- Security researchers?
- IT pros?
- General schadenfreude fans?
- Just here for the food?

Who We Are
- Wendy Poland, Security Response Program Manager
- PSIRT = Product Security Incident Response Team
- ASSET = Adobe Secure Software Engineering Team

Who We Are
- Dave Lenoe, Product Security Program Manager

Who We Are
- Brief PSIRT overview
- We'll talk through a case study, and you'll see what we do in more detail.

Ubiquity Brings Responsibility
- 98%+ of Desktops
- "I would never speculate on limit. Every time you speculate, you're way too conservative." - John Warnock, Adobe Founder
- Rich Feature Set + Broad Compatibility + Target of Attack =

Adobe PSIRT Overview
- Security researchers seem to be paying a TINY bit more attention to Adobe products now...

What We're Going to Talk About
- Walk through a zero-day case study
- Discuss lessons learned
- Talk about what we're doing now
- ASSET & PSIRT overview

What We Hope You'll Get Out of this Talk
- Learn from what happened to us
- Learn about what Adobe is doing to protect customers

Dedicated Security Resources
ASSET
- Supports ongoing secure software development
- Conducts proactive security reviews
- Defines and champions security product lifecycle
- Performs incident analysis to drive further improvements
PSIRT
- Front-line responders to security incidents
- Manages communications with security researchers
- Communicates mitigations and patch schedules
- Produces detailed security bulletins

PSIRT Workflow

Case Study: doc.Media.newPlayer Issue
- doc.Media.newPlayer issue
- CVE

Case Study: doc.Media.newPlayer Issue – Day 1
Timeline:
- 12/14/2009 First Report Received
- 12/25/2009 Christmas
- 1/1/2010 New Year's Day
- 1/12/2010

Case Study: doc.Media.newPlayer Issue – Day 1 (cont.)
- Day 1: 12/14/2009, 1:12 p.m. PST

Case Study: doc.Media.newPlayer Issue – Day 1 (cont.)
- Usually, we know about vulnerabilities found in the wild (most exploits are of known, fixed issues).
- This time we didn't.
- Triage: is this a real issue?

Case Study: doc.Media.newPlayer Issue – Day 1 (cont.)
- Zero Day Meeting: always fun to see this invite in your mailbox

Case Study: doc.Media.newPlayer Issue – Day 1 (cont.)
- Adobe Connect

Exploit Demo
- DEMO

Case Study: doc.Media.newPlayer Issue – Day 1 (cont.)
- Best Practice: work with more partners and customers to get faster communication of possible issues / exploits
- Yes, it's a zero-day: need to acknowledge publicly via PSIRT blog post

Digression – ASSET Certification Program
- Speaking a common language: the importance of training (proactive steps in preparation for reactive steps)

Digression – ASSET Certification Program

Digression – ASSET Certification Program
- DEMO

What We Have Done
Executing Secure Product Lifecycle
- Initiative for all Adobe products
- Action plan defined and executed by security researchers
- Each release furthers our security posture
- 80-point security plan for every product
Creating a Culture of Security
- Comprehensive training and certification on security for all engineers
- Security best practices and intelligence program
Result: More Secure Products

Case Study: doc.Media.newPlayer Issue – Day 1 (cont.)
Questions:
- How wide is the exploitation?
- Is there a workaround? Yes: JavaScript Blacklist
- Is this something we already know about / fixed in the next version? No
- Verify info and get it ready for publication
- Best Practice: Partners are good, workarounds are better.

Case Study: doc.Media.newPlayer Issue – Day 2
Timeline:
- 12/14/2009 First Report
- 12/15/2009 Security Advisory Released
- 12/25/2009 Christmas
- 1/1/2010 New Year's Day
- 1/12/2010

Case Study: doc.Media.newPlayer Issue – Day 2 (cont.)
- Publish workaround via Security Advisory
- When can we patch?
- Zero-day branch vs. scheduled quarterly update

Case Study: doc.Media.newPlayer Issue – Day 2 (cont.)

Case Study: doc.Media.newPlayer Issue – Day 3
Timeline:
- 12/14/2009 First Report
- 12/15/2009 Security Advisory
- 12/16/2009 ASSET Blog Posted
- 12/25/2009 Christmas
- 1/1/2010 New Year's Day
- 1/12/2010

Case Study: doc.Media.newPlayer Issue – Day 3 (cont.)

Case Study: doc.Media.newPlayer Issue – Day 4
Timeline:
- 12/14/2009 First Report
- 12/15/2009 Security Advisory
- 12/16/2009 ASSET Blog
- 12/17/2009 JS Blacklist Feedback
- 12/25/2009 Christmas
- 1/1/2010 New Year's Day
- 1/12/2010

Case Study: doc.Media.newPlayer Issue – Day 4 (cont.)
- First use of JavaScript Blacklist workaround
- Customer feedback on workaround

Case Study: doc.Media.newPlayer Issue – Christmas Day
Timeline:
- 12/14/2009 First Report
- 12/15/2009 Security Advisory
- 12/16/2009 ASSET Blog
- 12/17/2009 JS Blacklist
- 12/17/2009 – 1/11/2010 Testing
- 12/25/2009 Christmas
- 1/1/2010 New Year's Day
- 1/12/2010

Case Study: doc.Media.newPlayer Issue – Christmas Day (cont.)
- We're not the only ones working over the holidays, unfortunately.
- Customer e-mails, calls, etc.

Digression – Working on PSIRT
The challenges...
- Working over the holidays
- The product teams don't particularly like to hear from us.
Some job perks...
- More spam
- Can't just walk into Adobe cafeterias unnoticed anymore
- Mysterious file attachments
- Arbitrary Facebook friend requests

Case Study: doc.Media.newPlayer Issue – January 12, 2010
Timeline:
- 12/14/2009 First Report
- 12/15/2009 Security Advisory
- 12/16/2009 ASSET Blog
- 12/17/2009 JS Blacklist
- 12/25/2009 Christmas
- 1/1/2010 New Year's Day
- 1/12/2010 Security Bulletin Released

Case Study: doc.Media.newPlayer Issue – Security Bulletin Release
- January 12, 2010

Case Study: doc.Media.newPlayer Issue – Security Bulletin Release
- Bulletin/patch are released
- Press coverage
- Getting the patch distributed is a huge focus: the vast majority of exploits in the wild are against old versions

New Updater
- Brief overview of Adobe Reader / Acrobat updater technology

Communication - Transparency
- Transparent communication
  - With customers
  - With researchers
  - With partners
  - With AV companies
  - With the press, bloggers, among others...
- Can't run away and hide: not effective

What's Happening Today
- Expansion of team: we're still hiring!
- Secure Product Lifecycle (SPLC) overview/roadmaps
- Executive/board support

Where to Next?
How to contact us:
- PSIRT
- Web form

Where to Next?
- Where to send sympathy cards and flowers :)

Where to Next?
Where to find us:
- PSIRT blog:
- ASSET blog:
- Security bulletin page:
- Security portal:
- Visiting conferences like this one!

Q & A
- No iPhone/iPad questions please!
