|
Work Item Reference |
ETSI Doc. Number |
STF |
Technical Body in Charge |
Download Standard
|
|
DTR/CYBER-0062
|
TR 103 838
|
|
CYBER
|
|
Current Status (Click to View Full Schedule) |
Latest Version
|
Cover Date |
Standstill |
Creation Date |
|
Publication (2022-01-27)
|
1.1.1
|
2022-01-27
|
View Standstill Information
|
2020-10-21
|
|
Rapporteur |
Technical Officer |
Harmonised Standard |
|
|
Colin Whorlow
|
Sonia Compans
|
No
|
|
|
Title
|
Cyber Security; Guide to Coordinated Vulnerability Disclosure Guide to Coordinated Vulnerability Disclosure
|
Scope and Field of Application
|
This technical report is for companies and organisations of all sizes who want to implement a vulnerability disclosure process. It is not intended to be a comprehensive guide to creating and implementing a vulnerability disclosure process, but instead focuses on an essential offering. The report will contain examples of vulnerability disclosure policy, action plans and generic advice on how to respond to a vulnerability disclosure. This work is complementary to ISO/IEC 29147:2018 Information technology — Security techniques — Vulnerability disclosure, ETSI's own CVD process and can be used to support EN 303 645.
|
Supporting Organizations
|
Cadzow Communications, NCSC, BT plc, CIS, DCMS, umlaut
|