Additional details on coordinated vulnerability disclosure can be found at http://blogs.
One-off manual attacks are growing into massive automated attacks: More than half of all vulnerability disclosures were related to web server applications.
X-Force points to several trends to explain the decrease in vulnerability disclosures in the first half of 2007 versus the exponential vulnerability growth trends observed in previous years.
DeSot will lead Digital Defense's Vulnerability Research Team and oversee the Company's vulnerability disclosure
Free Speech and Privacy Rights Organization Offers Consultations on Legal Rights and Vulnerability Disclosure
The busiest month in 2006 for vulnerability disclosure was June, while the busiest week was the week before Thanksgiving and the most popular day of the week to disclose vulnerabilities was Tuesday.
Both the vulnerability disclosure framework and CVSS are suggested for global users.
Nearly half of vulnerabilities remain unpatched -- To help prevent attackers from exploiting vulnerabilities, organizations must focus on shortening the window of time between vulnerability disclosure and patch installation.
The time between vulnerability disclosure and exploit availability is shrinking to amazing levels - the days of true zero-day exploits are upon us.
As with Secunia's own internal research, external contributors must adhere to the company's strict vulnerability disclosure
As a security practitioner, I'm happy to see this kind of partnership, since it offers a forum for increasing the level of responsibility that is shown in vulnerability disclosure
In recognition of the endless debate between responsible disclosure and full disclosure proponents and the debate's ability to detract from productive industry collaboration and customer defense, Microsoft announced it will move to a new practice and philosophy of coordinated vulnerability disclosure
Security updates from a dedicated team of security experts, which help to ensure the latest protection by continuously monitoring multiple sources of vulnerability disclosure information to identify and correlate new relevant threats and vulnerabilities.
Cenzic report focused on vulnerability disclosures for various commercial off-the-shelf and open-source software, 2009.
The IBM X-Force report is based on intelligence gathered by one of the industry's leading security research teams through its research of public vulnerability disclosures, findings from more than 4,000 clients, and the monitoring and analysis of an average of 13 billion events daily in 2011.