all InfoSec news
How NOT to handle responsible disclosure
Feb. 1, 2022, 3:39 a.m. | /u/damnitdaniel
cybersecurity www.reddit.com
Waaaaay back in 2015, the CSO of Oracle wrote a scathing blog post on vulnerability disclosure. Her message was that security researchers were in violation of the Oracle license agreements if they filed security vulnerabilities back to Oracle. The reasoning was that running binary analysis tools against Oracle products shipped to customers was reverse compilation and breached the TOS. She went on to say that Oracle does all their own scanning and that customers should focus on their own security …
!-->More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Security Engineer, Incident Response
@ Databricks | Remote - Netherlands
Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)
@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
Data Security Architect
@ Accenture Federal Services | Washington, DC
Identity Security Administrator
@ SailPoint | Pune, India