Disclosure Survey
Federico Biancuzzi, 2006-09-05

Federico Biancuzzi surveys statements from some of the world's largest software companies about vulnerability disclosure, interviews two security companies who pay for vulnerabilities, and then talks with three prominent, independent researchers about their thoughts on choosing a responsible disclosure process. In three parts.

Disclosure survey 2006-09-05
Todd Knarr
As noted, timeliness of response by the vendor's an issue. Another one is an (IMHO unwarranted) assumption behind all the vendor disclosure rules: that the fact that the general public doesn't know means that the black-hats don't know either. My suspicion is that the black-hats do know about these 0...

Copyright 2009, SecurityFocus