Learn about the critical role of vulnerability disclosure in open source software security through this 18-minute conference talk by Anne Bertucio from Google. Explore the work of the OpenSSF Vulnerability Disclosure Working Group and their efforts to create resources for effective disclosure practices. Understand the importance of the "coordinated" disclosure model and its implications for both maintainers and end users of open source projects. Gain valuable insights into how proper vulnerability disclosure contributes to the overall security landscape of open source software.
What You Need to Know and Do About Vulnerability Disclosure
Overview
Syllabus
What You Need to Know and Do about Vulnerability Disclosure - Anne Bertucio, Google
Taught by
Linux Foundation
Tags
Related Courses
-
XZ Backdoor Supply Chain Vulnerability: What You Should Know
-
Apache Commons Text Vulnerability: What You Should Know
-
Preparing for Zero-Day: Vulnerability Disclosure in Open Source Software
-
MOVEit Vulnerability: What You Should Know
-
Palo Alto PAN-OS RCE Vulnerability: What You Should Know
-
Coordinated Vulnerability Disclosure Guide - AMA with CERT Authors
