SEC212-R1: Vulnerability disclosure and response with AWS security - a podcast by AWS

A vulnerability disclosure program should be part of any company's promise to its customers. The owner of a product must have a strategy to accept input from the security community regarding that product. In May 2019, the AWS Security team received a report regarding the AmazonSageMakerFullAccess managed security policy. This session covers the vulnerability disclosure process and includes a discussion of how AWS processed that report.

Further episodes of AWS re:Invent 2019

Further podcasts by AWS

Website of AWS