Security Basics mailing list archives
Re: Disclosure
From: "Adriel T. Desautels" <ad_lists () netragard com>
Date: Wed, 11 Feb 2009 15:24:36 -0500
Notify CERT and the company at the same time anonymously. On Feb 11, 2009, at 2:58 PM, Saphex wrote:
Hi, I have been wondering, how to disclosure vulnerabilities. If some corporate web site has a vulnerability, witch is the best approach to reveal that vulnerability to them? Without getting a lawsuit or something?Is there some law compliant way of doing it? Lets assume they didn't askfor the security *testing*. Best regards, saphex
Adriel T. Desautels ad_lists () netragard com -------------------------------------- Subscribe to our blog http://snosoft.blogspot.com
Current thread:
- Disclosure Saphex (Feb 11)
- Re: Disclosure Adriel T. Desautels (Feb 11)
- Re: Disclosure Dennis Kudin (Feb 11)
- Re: Disclosure Saphex (Feb 11)
- Re: Disclosure Eitan Adler (Feb 12)
- RE: Disclosure Craig S Wright (Feb 12)