Security News > 2017 > August > US DOJ publishes guidelines for setting up a vulnerability disclosure program (Help Net Security)
2017-08-02 21:35
Instituting a vulnerability disclosure program (aka bug bounty program) that won’t blow up in the organization’s face can be a daunting task. Some will prefer to enlist outside experts to advise them on how to do it, and others will want to rely on their own IT or security department. For the latter, here’s some good news: the US Department of Justice has just released a guidance document for adopting a vulnerability disclosure program for … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/ZqqMestGd9c/
Related news
- Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability (source)
- Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure (source)
- Ex-NSA boss: Election security focus helped dissuade increase in Russian meddling with US (source)
- US defense contractor cops to sloppy security, settles after infosec lead blows whistle (source)