Albin Vattakattu
Albin leads the global Vulnerability Disclosure Program (VDP) for Amazon Web Services (AWS). He co-authored the inaugural AI security whitepaper, jointly published by AWS and SANS institute. Prior to AWS, Albin led incident response teams across North and South America, defending foreign governments and fortune 100 companies against DDoS campaigns orchestrated by APTs. He holds a Master’s degree in cybersecurity from New York University (NYU).
Session
A security researcher submits a report. It looks small -maybe even trivial. But in cloud environments, what starts as a whisper can become a roar that echoes across infrastructure you didn't know was connected.
This talk reveals what happens behind the scenes when vulnerability reports reach cloud providers at scale. What makes cloud vulnerabilities unique when distributed architectures are in play? How do you prioritize remediation when you're working backwards from customer impact across services you don't directly control?
Through a real-world case study told from both the researcher and practitioner perspective, you'll see the crucial trade-offs no one talks about publicly, and a series of challenges that textbook CVD was not designed to handle.
And the challenge is growing. AI is accelerating the velocity of vulnerability discovery, and the traditional vulnerability disclosure program (VDP) model was not built for it. This talk introduces three principles for modern VDP: a framework for building programs that don't just survive scale, but use it as a force multiplier.
Whether you're finding vulnerabilities or fixing them, you'll leave with practical strategies for navigating today's reality.