Overview
Learn about the critical role of vulnerability disclosure in open source software security through this 18-minute conference talk by Anne Bertucio from Google. Explore the work of the OpenSSF Vulnerability Disclosure Working Group and their efforts to create resources for effective disclosure practices. Understand the importance of the "coordinated" disclosure model and its implications for both maintainers and end users of open source projects. Gain valuable insights into how proper vulnerability disclosure contributes to the overall security landscape of open source software.
Syllabus
What You Need to Know and Do about Vulnerability Disclosure - Anne Bertucio, Google
Taught by
Linux Foundation