TALES OF DISCLOSURE - TEN-B ON THE MISSIONIntroduction Tenable’s Zero Day Research team was established and fully staffed in late 2018. Since then, this team has disclosed hundreds of vulnerabilities to dozens of different vendors. Throughout these disclosures, this team has repeatedly confirmed something everyone in the industry already knew: Vulnerability disclosure is hard. While there are plenty of existing resources and agencies attempting to provide some form of standardization or guidance for metrics regarding security issues, such as MITRE providing CVEs as vulnerability identifiers or First.org in establishing severity ratings like CVSS, there’s no centralized authority regarding the vulnerability disclosure process itself. This leads everyone — individuals, organizat

Join for free to read