The group discussed major instances of old code attack like Heartbleed and Shellshock. They shared stories of how they handled these issues as well as how to address them to customers. There still exist over 200 thousand known servers that possess potential old code vulnerabilities across the world. How do we address that issue? They looked at where their biggest vulnerabilities are. Third parties were a major concern for the banking members of the group.
The group talked about how different tools and methods like binary code analysis are becoming more and more important as the need to become more granular in the search for vulnerabilities and attack vectors increases. More due diligence is also needed. Third parties need to analyze and test their products more to help ensure that organizations can also remain safe and secure.