API Build-data JSON Resources
Theme

Choose how MSRBot.io looks on this device.

Preference is stored in this browser only.

MTS 2024, Article 17 (pp. 1 to 18)
[ACTIVE]

Case Study on Product Security and Vulnerability Management in Media

Metadata

Publisher
SMPTE — Hollywood, CA
Doc Type
Conference Paper
Content Type
Original Research
Volume
00, pp. 1–18
Abstract
Ensuring the security of media, in particular public service media, is of vital importance in maintaining public trust in the veracity of information. However, the transition to IP has opened up previously isolated media systems to direct and indirect attacks. All members of the media industry must adapt, but we will show the industry is struggling to do so. In 48 different security assessments of commercially available media systems, we found almost half of them contain at least one critical or high-severity security vulnerability. While working with the affected vendors to solve the issues, we were able to document the industry's current vulnerability management practices. Firstly, only 6 out of 32 vendors have a publicly advertised method for reporting security vulnerabilities to them. Secondly, only 3 of the 11 vulnerabilities that have been fixed by the time of writing this paper have been publicly and transparently disclosed. In other cases, the fix was included in the new release silently or only vaguely mentioned in release notes. We conclude that the media industry is not yet sufficiently committed to security and has a lot to learn from the IT industry where vulnerability reporting, coordinated vulnerability disclosure and frequent security updates are well-established.
Publication Date
2024-10-21
DOI
10.5594/MOO/3017
ISBN
[object Object]
Link
https://doi.org/10.5594/MOO/3017
Author(s)
Milan Duric
Lucille Verbaere
Gerben Dierick
Jakob Pfister
Keyword(s)
Product Security, Security Testing, Vulnerability Management, Vulnerability Disclosure, CVE, CNA
Copyright
© 2024 SMPTE
Source Data (JSON)

Full registry record with provenance metadata. Open directly: /api/doc/10.5594-MOO-3017.json

Reference this Doc

Plain text (ISO 690 compliant)

Preview:
Milan Duric, Lucille Verbaere, Gerben Dierick, and Jakob Pfister; Case Study on Product Security and Vulnerability Management in Media, MTS 2024, Article 17 (pp. 1 to 18); SMPTE, 2024, ISBN: [object Object]. Available at https://doi.org/10.5594/MOO/3017
Snippet:
Milan Duric, Lucille Verbaere, Gerben Dierick, and Jakob Pfister; Case Study on Product Security and Vulnerability Management in Media, MTS 2024, Article 17 (pp. 1 to 18); SMPTE, 2024, ISBN: [object Object]. Available at https://doi.org/10.5594/MOO/3017

HTML (ISO 690 compliant)

Preview:
Milan Duric, Lucille Verbaere, Gerben Dierick, and Jakob Pfister; Case Study on Product Security and Vulnerability Management in Media, MTS 2024, Article 17 (pp. 1 to 18); SMPTE, 2024, ISBN: [object Object]. Available at https://doi.org/10.5594/MOO/3017
Snippet:
<span class="citation">Milan Duric, Lucille Verbaere, Gerben Dierick, and Jakob Pfister; <cite>Case Study on Product Security and Vulnerability Management in Media</cite>, MTS 2024, Article 17 (pp. 1 to 18); SMPTE, 2024, ISBN: [object Object]. Available at <a href="https://doi.org/10.5594/MOO/3017" target="_blank" rel="noopener">https://doi.org/10.5594/MOO/3017</a></span>

SMPTE Icon SMPTE's HTML Pub

Preview:
Milan Duric, Lucille Verbaere, Gerben Dierick, and Jakob Pfister; Case Study on Product Security and Vulnerability Management in Media, MTS 2024, Article 17 (pp. 1 to 18); SMPTE, 2024, ISBN: [object Object]
doi: 10.5594/MOO/3017
url: https://doi.org/10.5594/MOO/3017
Snippet:
<li>
Milan Duric, Lucille Verbaere, Gerben Dierick, and Jakob Pfister; <cite id="bib-10-5594-moo-3017">Case Study on Product Security and Vulnerability Management in Media</cite>, MTS 2024, Article 17 (pp. 1 to 18); SMPTE, 2024, ISBN: [object Object]
<span class="doi">10.5594/MOO/3017</span>
</li>