
IOActive Labs Research: Vulnerability bureaucracy: Unchanged after 12 years

One of my tasks at IOActive Labs is to deal with vulnerabilities: report them, try to get them fixed, publish advisories, etc. This isn't new to me. I started to report vulnerabilities something like 12 years ago and over that time I have reported hundreds of vulnerabilities - many of them found by me and by other people too. It's really sad to say that, as of right now, 12 years later, I continue to see most (if not all) of the same problems. Not only that, but some organizations that are supposed to help and coordinate vulnerability reporting and disclosure (CERTs) are starting to fail, being non-responsive and not contributing much to the

10 Sep
Virus Bulletin @virusbtn
In the past 12 years, vendors have changed little in the way they respond to vulnerabilities, @cesarcer notes http://t.co/mHk7mIIncT
10 Sep
IOActive, Inc @IOActive
New blog post: "Vulnerability bureaucracy: Unchanged after 12 years" by #IOActive Labs CTO @cesarcer http://t.co/E01pv3Sr4N
10 Sep
Threatpost @threatpost
The #Vulnerability Bureaucracy by @Cesarcer of @IOActive - http://t.co/ImT2RoalC5