Promoting security awareness and development.

« Back to Events

December 9th, 2016 meeting

Fri, Dec. 9, 2016 2:00pm — 4:00pm

Add this to Calendar


December 9th, 2016


2:00pm to 4:00pm (PST)


KPMG - KCampus (4th floor)

777 Dunsmuir Street, V7Y1K3, Vancouver B.C.

Please be punctual for entry to the meeting room

RSVP Required – register at Eventbrite


Survive the Trenches of Zero-Day Exploits (Topic 1) and

The Common Vulnerability Scoring System (Topic 2)


Vic Chung (Topic 1) and Renchie Abraham (Topic 2), SAP Global Security 


ABSTRACT (Topic 1)

The end-goal of most proactive security defense mechanisms is to avoid zero-day exploits. Yet, are we prepared to deal with our worst-fear when it occurs? I will share my experience in the trenches of managing zero-day exploits and provide insight to the recurring pattern I see in detecting, protecting, and reacting against exploits. I will discuss the good as well as the bad from our lessons learned.


Vic Chung is a Product Security Architect with SAP Global Security. Vic is responsible for vulnerability disclosure reported by security researchers and hackers. Vic has a decade of experience in technical program management and has worked on topics related to usability, intellectual property, and security. Vic enjoys deep and thought-provoking conversations to take our industry forward, and is always on the look-out for innovative ways across disciplines to security.

ABSTRACT (Topic 2)

The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software vulnerabilities.
CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat.
CVSS is currently the 'industry standard' for representing the severity of a vulnerability and is used by companies like Cisco, Juniper, SAP, Oracle, Microsoft, Intel, Dell, etc.

BIOGRAPHY (Renchie Abraham)

Renchie Joan Abraham is a Product Security Specialist with SAP Global Security. Renchie is responsible for case-management of vulnerabilities reported by external researchers and is the co-lead for Security Patch Day Governance activities at SAP. He represents SAP at FIRST CVSS-Special Interest Group, and is one of the contributors of CVSS v3. Renchie acts as the global CVSS lead for SAP to ensure reported security vulnerabilities are prioritized in accordance to industry best-practices. Renchie is CSSLP- and CCSK-certified, and has a Bachelor’s degree in Electronics and Communication Engineering from Anna University, India. When not working, you can find Renchie trekking in the wilderness of British Columbia.

RSVP Required – register at Eventbrite