RSA: How Mature is Your Vulnerability Co-ordination?
Mar 05, 2016, 06:00 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
Among the many best practices for security professionals is to have some form of model for handling inbound vulnerability reporting. That is, if someone is able to find a bug or exploit in product or service, is the company that is vulnerable able to actually respond to a researcher and know what to do with a report. It's a topic that security industry luminary Katie Moussouris, Chief Policy Officer at HackerOne is well versed in as the author of the Vulnerability Coordination Maturity Model.