Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Vendor guidelines regarding security contacts

From: Ben Bucksch <news () bucksch org>
Date: Fri, 12 Jan 2007 05:25:39 +0100
Steven M. Christey wrote:

The US Department of Homeland Security's "Vulnerability Disclosure
Framework" document here:

  http://www.dhs.gov/xlibrary/assets/vdwgreport.pdf


*cough*

Full Disclosure Policy (RFPolicy) v2.0
http://www.wiretrip.net/rfp/policy.html
This basically means for vendors: Monitor security () example com, fix promptly, and communicate with reporter in all stages. 

Ben
Previous By Date Next
Previous By Thread Next

Current thread: