Security News > 2022 > October > MyOpenVDP: Open-source web application to securely disclose vulnerabilities
MyOpenVDP is a turnkey open-source solution allowing anyone to host their own vulnerability disclosure policy.
Developed by YesWeHack, the web application is available on GitHub.
"Over the last years, many international and inter-governmental organizations have taken relevant actions promoting the issue of vulnerability disclosure policy as a public policy topic and providing a strong political commitment toward that end," Guillaume Vassault Houlière, CEO at YesWehack, told Help Net Security.
"The OECD, with its working group on Security in the Digital Economy, has promoted the topic of encouraging responsible vulnerability treatment among its members. The CyAN Global Coalition to Protect Cyber Researchers is also an important step to push for consistent legal immunities for zero-day researchers. Then, the EU has put in place regulatory initiatives promoting the use of VDP: the Cybersecurity Act, the update of the NIS Directive and the recent proposal on the Cyber Resilience Act are all encouraging Member States and private organizations to design and deploy VDP to facilitate the reporting, detection, and remediation of vulnerabilities," Houlière concluded.