From Coordinated Disclosure to Cooperative Vulnerability When Dealing w/ Critical Software Stacks

When it comes to critical software stacks (like embedded network libraries or real-time OSs), is it time to change the way we, as researchers, approach vendors when disclosing vulnerabilities? Shouldn't we start cooperating with them before disclosing vulnerabilities, as early as when the research begins, so that they have both a chance to learn and to help security researchers in finding more vulnerabilities?...

By: Daniel Cuthbert, Kelly Jackson Higgins, Marina Krotofil & Federico Maggi

Full Abstract : https://www.blackhat.com/eu-21/briefings/schedule/#from-coordinated-disclosure-to-cooperative-vulnerability-research-when-dealing-with-critical-software-stacks-25298
Web design
Be the first to comment