OUSPG

[This page is CSS2 enabled. Your browser might not fully support it]

Checklist for Designing a Vulnerability Disclosure Policy

$RCSfile: index.html,v $ $Revision: 1.2 $ $Date: 2003/12/22 12:09:18 $

ABSTRACT

Vendors, governments and information security researchers are creating vulnerability disclosure, handling and management policies, procedures and guidelines. We perceive a risk of considering the involved aspects too narrowly, and thus there is danger of missing the big picture. The purpose of this presentation is to provoke evaluation of vulnerability disclosure policy in its context. The presentation illustrates actors that are involved, the communication networks that they form as well as values and beliefs people taking part in the communication process may have towards it. This presentation offers collections of issues and perspectives which support evaluating and constructing a vulnerability disclosure policy.

[This page is CSS2 enabled. Your browser might not fully support it]