This presentation is intended for anyone who has to respond to security vulnerabilities either at the ASF or elsewhere. This presentation will discuss some of the challenges the Apache Tomcat team has faced when dealing with reported security vulnerabilities.
This presentation is intended for anyone who has to respond to security vulnerabilities either at the ASF or elsewhere. This presentation will discuss some of the challenges the Apache Tomcat team has faced when dealing with reported security vulnerabilities and how the Tomcat security team has handled those challenges. In addition to discussing the challenges, the presentation will discuss some of the steps taken by the Tomcat project to try and reduce the re-occurrence of those challenges.