2021/12 : "This reports examines : • The strategic, legal, and social nuances associated with vulnerabilities discovered “in the wild” • The basics of VDPs, including key benefits • Why the NIST Cybersecurity Framework lists vulnerability disclosure as a requirement for every organization • Best practices for implementing and managing a VDP • How to combine a VDP with Bug Bounty programs or penetration testing"
Critical Commentary
2021/12 : "This reports examines :
• The strategic, legal, and social nuances associated with vulnerabilities discovered “in the wild”
• The basics of VDPs, including key benefits
• Why the NIST Cybersecurity Framework lists vulnerability disclosure as a requirement for every organization
• Best practices for implementing and managing a VDP
• How to combine a VDP with Bug Bounty programs or penetration testing"