I presented on the 13 year history of the Errata project at RVAsec giving a behind-the-scenes look at the nightmare and headaches involved. Both from the project, and from the security industry. This presentation was updated slightly, and given a month later at the Black Hat Briefings 2012 in Las Vegas.
The attrition.org Errata project has documented the shortcomings, hypocrisy, and disgraces of the information technology and security industries. For 13 years, we have acted as a watchdog and reminder that industries who sell integrity should have it as well. The public face of Errata is very different than the process that leads to it. This presentation will give a unique insight into the history, process, and blowback that are cornerstones of the project. This will include statistics, how Errata has fallen short, how it can be improved, and where the project is going. Most importantly, it will cover how the industry can better help the project, both in staying off the pages on attrition.org, as well as contributing to it.
Videos of both are online and PPT / PDF available: