Re: Vendor guidelines regarding security contacts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Steven M. Christey wrote:

The US Department of Homeland Security's "Vulnerability Disclosure
Framework" document here:

  http://www.dhs.gov/xlibrary/assets/vdwgreport.pdf


*cough*

Full Disclosure Policy (RFPolicy) v2.0
http://www.wiretrip.net/rfp/policy.html
This basically means for vendors: Monitor security@xxxxxxxxxxx, fix promptly, and communicate with reporter in all stages. 

Ben
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux