{"title":"漏洞披露是否及时、详细和协调?","authors":"Michael Isbitski","doi":"10.12968/s1353-4858(23)70062-7","DOIUrl":null,"url":null,"abstract":"Vulnerability disclosure is a tricky subject. Organisations need early and detailed information about vulnerabilities in order to fix them. At the same time, threat actors can use the same information to develop exploits that could devastate organisations that don't move fast enough to protect themselves. So how can we balance the need for disclosure against the threats posed?","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"137 ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Can vulnerability disclosure be timely, detailed and coordinated?\",\"authors\":\"Michael Isbitski\",\"doi\":\"10.12968/s1353-4858(23)70062-7\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Vulnerability disclosure is a tricky subject. Organisations need early and detailed information about vulnerabilities in order to fix them. At the same time, threat actors can use the same information to develop exploits that could devastate organisations that don't move fast enough to protect themselves. So how can we balance the need for disclosure against the threats posed?\",\"PeriodicalId\":100949,\"journal\":{\"name\":\"Network Security\",\"volume\":\"137 \",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Network Security\",\"FirstCategoryId\":\"0\",\"ListUrlMain\":\"https://doi.org/10.12968/s1353-4858(23)70062-7\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Network Security","FirstCategoryId":"0","ListUrlMain":"https://doi.org/10.12968/s1353-4858(23)70062-7","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Can vulnerability disclosure be timely, detailed and coordinated?
Vulnerability disclosure is a tricky subject. Organisations need early and detailed information about vulnerabilities in order to fix them. At the same time, threat actors can use the same information to develop exploits that could devastate organisations that don't move fast enough to protect themselves. So how can we balance the need for disclosure against the threats posed?
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
