Search GSSD

NIAC Vulnerability Disclosure Framework

Abstract: 
Report and recommendations by the National Infrastructure Advisory Council. Vulnerabilities in network technology and critical infrastructure are a threat to national and economic security. This report addresses the gap in standards and agreements amongst stakeholders for how, when, and to whom to disclose, communicate, and manage vulnerabilities. Discusses conflicting domestic and foreign legal foundation with respect to network vulnerability management. Provides guidelines for all stakeholders in the vulnerability disclosure process (discoverers, vendors, end users and organizations, and coordinators). Also provides recommendations to the US President to direct Departments and Agencies in vulnerability management.
Author: 
JOHN T. CHAMBERS, JOHN W. THOMPSON
Institution: 
Cisco Systems Inc, Symantec Coporation, National Infrastructure Advisory Council
Year: 
2004
Industry Focus: 
Information & Telecommunication
Internet & Cyberspace
Country: 
United States
Datatype(s): 
Agreements
Policies