Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
DoJ Launches Framework for Vulnerability Disclosure Programs
The Department of Justice releases a set of guidelines to help businesses create programs for releasing vulnerabilities.
1 Min Read
The US Department of Justice has released a framework to help businesses develop formal vulnerability disclosure programs. More businesses are adopting vulnerability disclosure programs to better detect security problems that could lead to data compromise and disruption.
Some informally accept vulnerability reports with no structured process; others have formal programs with policies to dictate how they accept vulnerabilities and share the information with those affected. These policies may also include authorized methods for finding flaws in a business' systems, services, and products.
The framework, created by the Criminal Division's Cybersecurity Unit, provides a process for designing and administering a program, as well as a set of considerations that could help inform vulnerability disclosure policies. It doesn't specify the goals and structure for these programs as every business has different goals and priorities.
Read more details here.
Read more about:
2017About the Author
You May Also Like
More Insights
