Every Business Needs a Vulnerability Disclosure Policy. Every. Single. Business.

  • This topic is empty.
Viewing 1 reply thread
  • Author
    • #168261
      Adrian Sanabria

      An anonymous report claims that a ton of your company’s customer data has been exposed. A sense of calm is in the air as you enact your vulnerability
      [See the full article at: Every Business Needs a Vulnerability Disclosure Policy. Every. Single. Business.]

    • #168463
      Erich Kron

      Well said as always Adrian. This part really hits home for me:

      Go — look at your company’s website. Consider its products and applications. How would the general public report an issue? How easy is it to find the right contact information when starting with zero knowledge? Who are the recipients of these emails? Would they forward a critical security report to the right person internally or would they consider it a scam and delete it?

      I’ve been in organizations that, due to the inability to find an easy way to report something, the reporting individual starts picking names they *think* are the right people and just begin to send random emails/messages to these folks throughout the organization. This generated a lot of messages that eventually make it to the correct person, but they came from a lot of different fronts. This caused confusion and additional stress, especially for those that did not understand the nature or severity of the vulnerability.

      Let’s just say that your marketing department may be easy to find, but are not typically the folks you want handling vulnerability reporting. To use a technical term, it tends to get them kerfluffeled and, when dealing with internal issues, the kerfluffling of the marketing department should be avoided at all costs.

Viewing 1 reply thread
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?