Software vulnerabilities studied

The Organization for Internet Safety is soliciting comments on its guidelines for reporting and responding to software security vulnerabilities.

The consortium of software vendors, researchers and security consultants released the guidelines in July 2003, hoping to bring order to the struggle between code makers and code breakers. In the second version, expected in mid-July, OIS hopes to address issues sidestepped in the first edition, such as what role, if any, the government should play in vulnerability reporting.

Comments are being accepted through June 24 at


Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.


contracts DB