Tool
Global Good Practices – Coordinated Vulnerability Disclosure (CVD)
About
Publication date: 2017
Actor
Type
Themes & Topics
The unprecedented uptake of information and operational/industrial control system technologies (IT and OT/ICS) worldwide leads to a growing dependency of economic sectors, public institutions and societies. Vulnerabilities in software and hardware are abundant. When vulnerabilities are found by a third party, the challenge arises onĀ how to report the vulnerability in a prudent way to those actors who can remove the vulnerability. Time is needed to fix the vulnerability before a wider audience gets
informed.
Coordinated Vulnerability Disclosure (CVD) pertains to the mechanisms by which vulnerabilities are shared and disclosed in a controlled way. This Global Good Practice document helps to shape a concerted international approach and support establishment of national CVD policies.
Source – GFCE website