Can vulnerability disclosure be timely, detailed and coordinated?

被引:0
|
作者
Isbitski M. [1 ]
机构
[1] Sysdig, United States
来源
Network Security | 2023年 / 2023卷 / 12期
关键词
D O I
10.12968/S1353-4858(23)70062-7
中图分类号
学科分类号
摘要
Vulnerability disclosure is a tricky subject. Organisations need early and detailed information about vulnerabilities in order to fix them. At the same time, threat actors can use the same information to develop exploits that could devastate organisations that don't move fast enough to protect themselves. So how can we balance the need for disclosure against the threats posed? © 2024 MA Business Ltd.
引用
收藏
相关论文
共 50 条
  • [1] Coordinated Vulnerability Disclosure programme effectiveness: Issues and recommendations
    Walshe, T.
    Simpson, A. C.
    COMPUTERS & SECURITY, 2022, 123
  • [2] Are You Sure You Want To Do Coordinated Vulnerability Disclosure?
    Chen, Ting-Han
    Tagliaro, Carlotta
    Lindorfer, Martina
    Borgolte, Kevin
    van der Ham-de Vos, Jeroen
    9TH IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS, EUROS&PW 2024, 2024, : 307 - 314
  • [3] Towards a Greater Understanding of Coordinated Vulnerability Disclosure Policy Documents
    Walshe, Thomas
    Simpson, Andrew
    DIGITAL THREATS: RESEARCH AND PRACTICE, 2023, 4 (02):
  • [4] Don't shoot the messenger! A criminological and computer science perspective on coordinated vulnerability disclosure
    Weulen Kranenbarg, Marleen
    Holt, Thomas J.
    van der Ham, Jeroen
    CRIME SCIENCE, 2018, 7 (01)
  • [5] TDDC: Timely Disclosure Documents Corpus
    Doi, Nobushige
    Oda, Yusuke
    Nakazawa, Toshiaki
    PROCEEDINGS OF THE 12TH INTERNATIONAL CONFERENCE ON LANGUAGE RESOURCES AND EVALUATION (LREC 2020), 2020, : 3719 - 3726
  • [6] Coordinated Inattention and Disclosure Complexity
    Qu, Hong
    Williams, Jared
    Zhao, Ran
    Kwasnica, Anthony
    MANAGEMENT SCIENCE, 2024,
  • [7] Less timely earnings announcements and voluntary disclosure
    Cho, Hyunkwon
    Choi, Sunhwa
    Kim, Robert
    JOURNAL OF BUSINESS FINANCE & ACCOUNTING, 2023, 50 (3-4) : 524 - 564
  • [8] Responsible Vulnerability Disclosure in Cryptocurrencies
    Boehme, Rainer
    Eckey, Lisa
    Moore, Tyler
    Narula, Neha
    Ruffing, Tim
    Zohar, Aviv
    COMMUNICATIONS OF THE ACM, 2020, 63 (10) : 62 - 71
  • [9] Vulnerability Disclosure Considered Stressful
    Moura, Giovane C. M.
    Heidemann, John
    ACM SIGCOMM COMPUTER COMMUNICATION REVIEW, 2023, 53 (02) : 3 - 10
  • [10] Anticipatory Ethics for Vulnerability Disclosure
    Huskaj, Gazmend
    Wilson, Richard L.
    PROCEEDINGS OF THE 15TH INTERNATIONAL CONFERENCE ON CYBER WARFARE AND SECURITY (ICCWS 2020), 2020, : 254 - 261
12345