How EU lawmakers can make mandatory vulnerability disclosure responsible

There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the benefit of the community. This playbook is not always perfect, but it strikes a reasonable compromise between providing time to fix a vulnerability and disseminating that knowledge to help prevent similar vulnerabilities in the future. The … More →

The post …

best practice community cybersecurity disclosure don't miss enisa eu european commission expert analysis expert corner fix government hackerone hot stuff lawmakers legislation opinion organization perfect playbook practice problem quickly responsible software software vulnerability standard vulnerability vulnerability disclosure