Description
"Responsible Disclosure – Letting the cat out of the bag"
So you have found vulnerabilities in other people's code. Or other people have found vulnerabilities in your own code. Either way: how to handle the situation? In the long run, trying to keep information about the vulnerability under wraps is unlikely to work, so in this module, we will cover some aspects and strategies of how to approach this issue.
What you will learn:
- Concepts
- Vulnerability handling - Vulnerability disclosure
- Exploitation
- Advisories
Defining Vulnerability policies
How to report vulnerabilities to others (Vulnerability
reporting) - CVE CNA
- Coordinating vulnerability activities
Receiving vulnerability information
Duration: 1 hour
Webinar Host: Pauline Smith (GLAD)
Presenter(s)/Facilitator(s): Tobias Dussa, DFN-CERT
Affiliation (WP/Task): WP8 Task 1
Authors (content is created by): Stefan Kelm, Klaus Möller DFN-CERT