Vulnerabilities 101: How to Launch or Improve Your Vulnerability Research Game presented at Defcon 2016

by Joshua j. Drake, Steve Christey,

Summary : If you’re interested in vulnerability research for fun or profit, or if you’re a beginner and you’re not sure how to progress, it can be difficult to sift through the firehose of technical information that’s out there. Plus there are all sorts of non-technical things that established researchers seem to just know. There are many different things to learn, but nobody really talks about the different paths you can take on your journey. We will provide an overview of key concepts in vulnerability research, then cover where you can go to learn more - and what to look for. We’ll suggest ways for you to choose what you analyze and provide tools and techniques you might want to use. We’ll discuss different disclosure models (only briefly, we promise!), talk about the different kinds of responses to expect from vendors, and give some advice on how to write useful advisories and how to go about publishing them. Then, we’ll finish up by covering some of the ‘mindset’ of vulnerability research, including skills and personality traits that contribute to success, the different stages of growth that many researchers follow, and the different feelings (yes, FEELINGS) that researchers can face along the way. Our end goal is to help you improve your chances of career success, so you can get a sense of where you are, where you want to go, and what you might want to do to get there. We will not dig too deeply into technical details, and we’d go so far as to say that some kinds of vulnerability research do not require deep knowledge anyway. Vulnerability research isn’t for everyone, but after this talk, maybe you’ll have a better sense of whether it’s right for you, and what to expect going forward.