coordinated vulnerability disclosure

FIRST Vulnerability Coordination SIG

2014/06 : "The Industry Consortium for Advancement of Security on the Internet, ICASI, proposed to the FIRST Board of Directors that a Special Interest Group (SIG) be considered on Vulnerability Disclosure. After holding meetings at the FIRST Conferences in Boston in June 2014...Read more

A File Format to Aid in Security Vulnerability Disclosure (Security.txt)

2017/09 : "When security vulnerabilities are discovered by researchers, proper reporting channels are often lacking. As a result, vulnerabilities may be left unreported. This document defines a machine-parsable format ("security.txt") to help organizations describe their vulnerability disclosure...Read more

Guide for how to handle vulnerability reports (on ISO/IEC 29147:2014)

2016/04/18 : Juha Saarinen writes on the document published by International Standards Organisation and International Electrotechnical Commission. This document "helps organisations handle responsible...Read more

Filling A Gap In the Vulnerability Market – First Bounty Notification (Microsoft)

2013/07/10 : Here is the Microsoft first Bounty Notification after they finally decide to launch their bug bounty.

This artifact is part of the Microsoft Vulnerability Disclosure Bundle.Read more

Black Hat 2014 Keynote: Cybersecurity as Realpolitik (on Geer Keynote)

2014/08/15 : Thu T. writes on Dan Geer keynote at the Black Hat Conference of 2014.

This artifact is part of the Geer keynote Bundle.Read more

Heart of Blue Gold – Announcing New Bounty Programs (Microsoft)

2013/06/19 : Microsoft decided to create new bounty program.

This artifact is part of the Microsoft Vulnerability Disclosure Bundle.Read more

Thirty Minutes Or Less: An Oral History of the LØpht, Part Three

2018/03/08 : Dennis Fisher gives us an Oral History of the LØpht in four parts. This is the third part, when "[p]ieces in The Washington Post, Wired, and many other outlets raised the group's profile and brought its work to the attention of people far outside the hacker...Read more

CERT Guide to Coordinated Vulnerability Disclosure announcement

2017/08/15 : Publication of the CERT Guide.

"The guide provides an introduction to the key concepts, principles, and roles necessary to establish a successful CVD process. It also provides insights into how CVD can go awry and how to respond when it does so...Read more

Coordinated Vulnerability Disclosure Reloaded (Microsoft)

2011/04/19 : Microsoft reloaded its Coordinate Vulnerability Disclosure.

This artifact is part of the Microsoft Vulnerability Disclosure Bundle.Read more

Subscribe to coordinated vulnerability disclosure