|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Vendor guidelines regarding security contacts
From: Ben Bucksch (news
bucksch.org)
Date: Thu Jan 11 2007 - 22:25:39 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Steven M. Christey wrote:
> The US Department of Homeland Security's "Vulnerability Disclosure
> Framework" document here:
>
> http://www.dhs.gov/xlibrary/assets/vdwgreport.pdf
>
*cough*
Full Disclosure Policy (RFPolicy) v2.0
http://www.wiretrip.net/rfp/policy.html
This basically means for vendors: Monitor securityexample.com, fix
promptly, and communicate with reporter in all stages.
Ben
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]