Description
Total length of the course: <1 hour
Vulnerability disclosure sits at the intersection of technical research, legal risk, and policy, and getting it right matters enormously for building and maintaining secure software. In this conversation, trace the evolution of best practices for vulnerability disclosure, unpack the ethical and legal tensions that make it so contested, and examine what the landscape looks like today at both national and EU level, before asking how different approaches stack up and what it would take to do better.
Content details
What is vulnerability disclosure and why does it matter?
You don't currently have access to this content
From a policy perspective, why is vulnerability disclosure sometimes seen as controversial?
You don't currently have access to this content
How has vulnerability disclosure changed since you first entered the field?
You don't currently have access to this content
How do you approach the ethical considerations around vulnerability research?
You don't currently have access to this content
What does the legal framework for vulnerability disclosure look like today, and how could it be improved?
You don't currently have access to this content
What does the vulnerability disclosure landscape look like at the EU level?
You don't currently have access to this content
What are the pros and cons of different approaches to vulnerability disclosure?
You don't currently have access to this content
How do organizations decide how quickly to remediate a reported vulnerability?
You don't currently have access to this content
How is vulnerability disclosure changing the way we secure software?
You don't currently have access to this content