Core Security Technologies CTO Ivan Arce to Participate in Panel Vulnerability Disclosure at Source Boston


Security Experts to Discuss, “The Partial Disclosure Dilemma,” and Tactics to Avoid Overhyping Vulnerabilities While Keeping End Users Secure

Boston, MA - March 9, 2009 - Core Security Technologies, provider of the CORE IMPACT family of  comprehensive enterprise security testing solutions, today announced that Iván Arce, chief technology officer (CTO), has been selected to participate in a panel discussion at the upcoming SOURCE Boston 2009 conference. The event will take place at the Seaport Hotel in Boston, Mass. from March 11-13, 2009.

Who: Ivan Arce, CORE Security Technologies

What: Panel Discussion: “The Partial Disclosure Dilemma”

Where: SOURCE Boston – Seaport Hotel – Boston, Mass.

When: Thursday, March 12, 2009, 1:30 p.m. EST   


Panel Details

The never-ending debate about vulnerability disclosure has taken a new twist. In addition to "responsible disclosure" and "full disclosure," researchers are beginning to partially disclose security flaws, arguing that a phased approach to releasing information is important to ensure minimal exposure to attacks. Are they just playing the media? Or overstating minor issues? Is there common ground to be found to avoid overhyping vulnerabilities while keeping end-users secure?

Other participants in this panel session will include:

  • Moderator: Ryan Naraine, Kaspersky Lab / ZDNet
  • Dan Kaminsky, IOActive
  • Dino Dai Zovi, Independent Researcher
  • Alexander Sotirov, Independent Researcher
  • Katie Moussouris, Microsoft

Iván Arce, a renowned expert in the field of penetration testing and vulnerability research and co-founder of Core Security, sets the technical direction for the company and is responsible for overseeing the development, testing and deployment of all Core Security products. Arce also writes for numerous technical publications, speaks frequently at industry events and is regularly quoted in industry publications. He also currently serves as the Associate Editor of the IEEE Security & Privacy Magazine.

About Source Boston

SOURCE Boston is part of the SOURCE Conference family: the first and only conference that provides an intimate setting for IT security professionals and management executives to discuss industry issues with leading experts.

In addition to networking events and discussions about pressing subjects such as open-source technologies, disclosure, compliance and cloud computing, SOURCE Boston offers in-depth training classes. These classes, led by security luminaries like Joe Grand and education experts like Security Compass, help attendees come away better prepared to protect and secure information assets. More information is available at

For more information about this presentation or to schedule meetings with Core Security’s experts at SOURCE Boston 2009, please contact Tim Whitman or Megan Prock at 781-684-0770 or email  

About Core Security Technologies

Core Security Technologies develops strategic solutions that help security-conscious organizations worldwide develop and maintain a proactive process for securing their networks. The company’s flagship product, CORE IMPACT, is the first automated penetration testing product for assessing specific information security threats to an organization. Penetration testing evaluates overall network security and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core augments its leading technology solution with world-class security consulting services, including penetration testing, software security auditing and related training. Based in Boston, Mass. and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at


Tim Whitman or Megan Prock         

Schwartz Communications 


Mon, March 09