Responsible Vulnerability Disclosure Guideline

On 7 October 2019 the National Cyber Security Centre SK-CERT has published The Vulnerability Reporting Guideline.

This guideline is a tool for security researchers, software developers, hardware manufacturers as well as for the general public. It provides a detailed procedure and recommended steps for reporting newly discovered vulnerabilities and also a procedure for reporting already existing vulnerabilities found on systems and services being operated.  

„Creation of a comprehensive guideline to vulnerability reporting is the first important step in setting standards for responsible reporting of problems on products and services in both the private and public sectors. Compliance with the basic rules on vulnerability reporting helps to prevent the abuse of vulnerabilities and minimize threats to operations such as critical state services“ said the Director of the National Cyber Security Centre SK-CERT Mr. Rastislav Janota.

The Guideline is available for free at the website of the National Cyber Security Centre SK-CERT:

https://www.sk-cert.sk/en/tips-and-tricks/vulnerability-reporting/index.html

---

The National Security Authority (hereinafter referred to as the Authority) (www.nbu.gov.sk) is the central government body for protection of classified information, cryptographic services, cyber security and trust services. The Authority is a national point of contact for cyber security in the European Union, the North Atlantic Treaty Organisation (NATO) and in the Organization for Security and Co-operation in Europe (OBSE).
The National Cyber Security Centre SK-CERT (www.sk-cert.sk), which was established in the Authority on 1 September 2019 by transformation of the National Unit SK-CERT, is an accredited member of the Trusted Introducer organization and at the same time a member of FIRST (Forum of Incident Response Security Teams) organization with a global membership of 490 teams from 92 states. 

« Späť na zoznam