Kimber Dowsett (@mzbat)

Private Senior Security Consultant

SPEAKER BIO

Kimber is a Senior Security Architect, having experienced success in both the public and private sectors for nearly two decades. Through the years, she has held senior level positions at VMware, Apple, and multiple well-respected start up consultancy firms in the United States. Kimber is a former Director of Infrastructure and Security Engineering in the US Federal Government and served 6 years as a Sr. Mission Information Specialist at NASA, securing instrument and ground systems for flight and satellite projects.

Named one of the Top Women in Cybersecurity in the US by CyberScoop Magazine, Kimber is featured in Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World and Tribe of Hackers: Security Leaders. She is an international keynote speaker who has presented at DEF CON, BruCON, BSides events, and many security conferences throughout the US. Kimber is passionate about privacy, encryption, and building user-driven technology for the public. She also really likes bats and sailboats.

DISCUSSION TOPIC

Vulnerability Disclosure Programs: Hack Responsibly

It’s critical for organizations to understand the value of having a well crafted, publicly available Vulnerability Disclosure Policy (VDP) in place so security researchers, bounty hunters, students, and “others” have clear guidelines for system exploration, exploitation, and vulnerability reporting with decreased legal risk.

Kimber will provide specific guidelines and advisements on VDP contents, public visibility, and evaluations about pairing a VDP with a Bug Bounty program. She will also discuss the types of activities, sanctioned and unsanctioned, that could potentially result in prosecution under general Computer MIsuse Act guidelines and the Computer Fraud and Abuse Act (CFAA).