In the past 18 months we have seen a dramatic increase in research and presentations on the security of medical devices. While this brought much needed attention to the issue, it has also uncovered a great deal of misinformation. This talk is going to tackle those confusing and controversial topics. What’s the reality of patching a medical device? Is it safe to run anti-virus protection on them? You’ll find out in this talk. This presentation will outline a framework on how vendors, buyers, and administrators of medical devices can bring substantive changes in the security of these devices. This talk will also have the unique element of discussing a medical device software bug that InGuardians uncovered. This bug will be discussed in detail and replicated live on stage. InGuardians has worked closely with the FDA on properly documenting and submitting this through their tracking system. This will be covered in full detail so other researchers will know how to properly disclose bugs and vulnerabilities.