July 7, 2016 Microsoft Cybersecurity Advocates for Coordinated Norms 2 min read - The latest Microsoft cybersecurity initiative pushed for a more coordinated effort surrounding vulnerability disclosure and communication.
X-Force May 22, 2015 When Vendor Security Vulnerabilities Become Your Own 3 min read - Vendor security vulnerabilities can quickly become a major problem for your business, and it's up to you to minimize the risks involved.
May 18, 2015 United Airlines Launches Bug Disclosure Program to Bolster Software Security 2 min read - United Airlines has become the first company in the airline industry — and one of the few non-software vendors — to launch a bug disclosure program.
Software Vulnerabilities April 6, 2015 Determining the Responsibility of a Vulnerability Disclosure 3 min read - When it comes to reporting a vulnerability disclosure, there are many discussions happening about what is right and what is "responsible."
Software Vulnerabilities March 25, 2015 Made for Headlines: Do Designer Vulnerabilities Compromise Security? 3 min read - As vulnerabilities are now branded with catchy names and logos, security researchers should be careful not to compromise the responsible disclosure process
Application Security December 26, 2014 The Responsible Disclosure Policy: Safeguard or Cybercriminal Siren Song? 3 min read - Having a responsible disclosure policy is the best way to communicate software vulnerabilities to the public. However, is this doing more harm than good?