451 Research: Exploring Coordinated Disclosure

Vulnerability disclosure has always been a hot topic among security practitioners, particularly the notion of coordinated disclosure – where a security researcher identifies a flaw and notifies a company, and then the two work together to fix and publicly disclose the flaw. Veracode recently commissioned this survey from 451 Research to learn more about how widely accepted this practice really is, and where the pain points reside.

What will you learn?

Check out this report from Veracode and 451 Research to learn:

• A brief history of vulnerability disclosure

• Today’s perceptions of disclosure

• The appropriate time frame for a company to correct a vulnerability once notified

• The attitudes toward a coordinated disclosure policy from both the organization and the external security researchers

• Thoughts and experiences with bug bounties, and so much more