Is this the sort of disclosure we can expect based on the (OIS) Organization for Internet Safety's "code of conduct" and/or "best practices" for vulnerability disclosure?
ISS is a founding member of OIS, together with @stake, Bindview, Caldera, Foundstone, Guardent, Microsoft, NAI, Oracle, SGI, and...
ISS is a founding member of OIS, together with @stake, Bindview, Caldera, Foundstone, Guardent, Microsoft, NAI, Oracle, SGI, and...
[ more ]