CVE/FIRST VulnCon 2024 & Annual CNA Summit
Raleigh (NC), US - March 25-27, 2024 | McKimmon Center | #VULNCON24
Check out the recording content from the conference at YouTube
Virtual and In-Person registration Options
The purpose of the conference is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem. A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly.
VulnCon is Co-Sponsored by FIRST and the CVE Program. This event will be open to both FIRST members and non-members around the world.
Mark your calendars for this exciting new conference!
We have an action-packed docket of dynamic speakers and cross-industry topics that we feel will accelerate collaboration within the vulnerability management and standards/frameworks space! This will be a must-see event for anyone involved in researching, reporting, triaging, mitigating, and communicating about security vulnerabilities. Some highlights from the agenda include:
- 40+ sessions across 3 full days of content and networking/collaboration
- Vulnerability Metadata SIGs, Working Groups, and other experts presenting about CVE, CVSS, EPSS, KEV, VEX, CVD, SBOM, and others!
- Speakers from CISA, MITRE, ENISA, global CERT teams, the OpenSSF, FIRST, and other renown industry experts
- Actionable advice on how to engage with CVD across ecosystem stakeholders and how to use and align the assorted vuln metadata tools, frameworks, and standards
Some showcase sessions will include:
- A “Day of VEX” from practitioners
- A “Day of Vuln Identifiers” from practitioners
- Keynotes around “Supply Chain Security: The Office of the National Cyber Director Perspective”, “Vulnerability Coordination in the EU”, “What it takes to lead America’s Vulnerability Management Team”, and sessions from global CERT teams
- Expert panels on Industry CVD, Vulnerability identifiers, VEX, Decentralized Root Cause analysis, the risks of requiring premature vuln disclosure, and more!
- Detailed sessions updating frameworks like CWE, CVSS, EPSS, and others
Registration
Discounted rates are not being offered for this event regardless of membership or speaking status.
- Standard Admission: US $250.00
- Virtual Admission: US $100.00
Registration fees include three days of coffee breaks and buffet lunches, one networking reception, and applicable meeting materials.
Location
Click on the map to see it enlarged on Google Maps.
