Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Things to do before vulnerability disclosure

From: Jeffrey Walton <noloader () gmail com>
Date: Wed, 17 Jun 2009 22:34:59 -0400
The politics of it depend on the situation.

It's really unfortunate that there is no Safe Harbor for legitimate researchers.

Jeff

On 6/17/09, Adriel T. Desautels <ad_lists () netragard com> wrote:

Vulnerability disclosure is a powerful tool that hackers can use to force
otherwise unwilling vendors to fix risks in their technology as opposed to
just keeping the risks quiet and keeping customers ignorant.   The truth is
that without it software would still be very insecure and poorly written.
The politics of it depend on the situation.

 [SNIP]


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: