There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the benefit of the community. This playbook is not always perfect, but it strikes a reasonable compromise between providing time to fix a vulnerability and disseminating that knowledge to help prevent similar vulnerabilities in the future. The …

The post How EU lawmakers can make mandatory vulnerability disclosure responsible appeared first on Help Net Security.