Product Security Incident Response at a Fortune 500 SaaS
CVE/FIRST VulnCon 2025 · Main Stage
This talk, presented by Garrett at VulnCon, examines how a Product Security Incident Response Team (PSIRT) operates within a large Software-as-a-Service (SaaS) organization, specifically a Fortune 500 company like ServiceNow. Garrett, who was instrumental in establishing ServiceNow's PSIRT, gives a candid and detailed account of the unique challenges and opportunities that arise when managing product security incidents in a cloud-hosted environment, contrasting this with the situation of traditional on-premise software vendors.
AI review
A competent, honest case study from someone who clearly built the thing he's describing. Garrett brings real operational experience to a topic — SaaS PSIRT mechanics — that doesn't get enough conference airtime. The talk is genuinely practitioner-facing: it's messy, specific, and avoids the sanitized LinkedIn-post version of incident response. However, it stops well short of being memorable. Most of the challenges catalogued are discoverable through experience or inference rather than novel insight, and the talk lacks a unifying analytical framework that would elevate anecdote into…