Vulnerability Disclosure Program

Australian Cyber Security Centre

The ACSC has released a new publication, Vulnerability Disclosure Programs to help organisations understand and address risks associated with identified vulnerabilities.

A Vulnerability Disclosure Program (VDP) includes processes designed to identify, verify, resolve and report on security vulnerabilities disclosed by people who may be internal or external to an organisation.

This guide gives organisations of all sizes important information to scope, develop and implement a VDP to improve their cyber security posture. It also ensures they are postured for success should a vulnerability be disclosed by an external source.

Organisations are encouraged to familiarise themselves with this publication and implement a VDP in their workplace.

/Public Release. This material from the originating organization/author(s) may be of a point-in-time nature, edited for clarity, style and length. The views and opinions expressed are those of the author(s).View in full here.