Over the next two years, vulnerability disclosure will evolve from a predominantly altruistic endeavor to one that actively damages organizations. Attackers will search for, and publicly disclose, ...

Cybersecurity researchers Brian Gorenc and Dustin Childs talk about the biggest vulnerability disclosure challenges in IoT and the industrial vertical. The process of vulnerability disclosure has ...

The State of Maryland has launched a cybersecurity initiative aimed at improving resilience and coordination across all levels of government. The Office of Security Management has rolled out a ...

The Cyber Crime Center (DC3) of the U.S. Department of Defense (DoD) says it has reached the milestone of processing its 50,000th vulnerability report submitted by 5,635 researchers since its ...

Billington Global Automotive Cybersecurity Summit panel on coordinated vulnerability disclosure programs. Credit: CSPAN Back in July 2016 at the first-ever Billington Global Automotive Cybersecurity ...

Chairwoman Nancy Mace (R-SC) speaks before a House hearing at the US Capitol on June 22, 2023 in Washington, DC. The House Committee on Oversight and Accountbility Subcommittee on Cybersecurity, ...

The agency released a draft binding operational directive that would require all civilian agencies to receive and resolve vulnerabilities identified by public security researchers. The Homeland ...

Vulnerability Disclosure and Reporting Guidelines The World Bank Group encourages the public to assist and support the World Bank Group in its continuous efforts to improve the protection and security ...

Vulnerability-disclosure policies (VDPs), if done right, can help provide clarity and clear guidelines to both bug-hunters and vendors when it comes to going public with security flaws. Sometimes ...

In 2003 security researcher Katie Moussouris was working at the enterprise security firm @stake—which would later be acquired by Symantec—when she spotted a bad flaw in an encrypted flash drive from ...