insider.si.edu

Smithsonian Vulnerability Disclosure Policy

The Smithsonian Institution is committed to ensuring the security of the American public by protecting their information and the nation’s heritage. This policy is intended to give security researchers ...
ZDNet

Dropbox updates its vulnerability disclosure policy to protect researchers

After realizing that security researchers have suffered from "decades of abuse, threats, and bullying," Dropbox on Wednesday announced it has updated its vulnerability disclosure policy (VDP). Aiming ...
ZDNet

Bug bounty platform urges need for firms to have vulnerability disclosure policy

Organisations should provide a proper channel through which anyone can report vulnerabilities in their systems. This will ensure potential security holes can be identified and plugged before they are ...
Dark Reading

Digital Vigilantes Weaponize Vulnerability Disclosure

Over the next two years, vulnerability disclosure will evolve from a predominantly altruistic endeavor to one that actively damages organizations. Attackers will search for, and publicly disclose, ...
CSOonline

Microsoft blasts Google for vulnerability disclosure policy

After Google disclosed a second Microsoft vulnerability, complete with proof-of-concept code, the software giant accused them of playing ‘gotcha’ in a blog post heavy on criticism for Google’s 90-day ...
CSOonline

Has responsible disclosure won the debate?

The debate in the security community about disclosure shows no signs of abating. This article explores both sides of the argument and puts forward suggestions for organizations looking to improve ...