Security News > 2020 > October > IoT Security Foundation Launches Vulnerability Reporting Platform
The Internet of Things Security Foundation, an effort aimed at improving the security of IoT, has launched an online platform designed to make the reporting of vulnerabilities in IoT devices easier.
Launched alongside a new report into coordinated vulnerability disclosure, the Consumer Internet of Things Vulnerability Disclosure Platform is catered to both security researchers and manufacturers, seeking to ensure coordinated vulnerability disclosure management and reporting.
"Timely identification of, and responses to, security issues creates a safer and more resilient product for your company and your customers. Not responding to vulnerability reports or not having a vulnerability reporting mechanism may result in vulnerability disclosure via the press, regulators, or other outlets which can cause serious reputational as well as financial harm to your business and result in legal action," IoTSF notes.
"We think vulnerability disclosure should be an easy and straightforward process. We also believe that sharing information is key to improving the security of consumer IoT devices. By creating a user-friendly service for consumer IoT manufacturers and reporters to communicate, we hope that more vulnerabilities can be reported, fixed, and responsibly disclosed to the public," IoTSF says.
"Vulnerability management is such a fundamental element to IoT cyber-hygiene that it is no surprise that governments and regulators around the world are making this a mandatory requirement. We [] see the need to drive this vital security practice and aim to help make it as simple as possible with the launch of the Vulnerable Things platform - especially for the uninitiated and firms who may lack resources. The service brokers good communications between researchers and vendors and guides both through the process until complete," said John Moor, Managing Director of the IoT Security Foundation.