Coordinated Vulnerability Disclosure Policy: part of your proactive security approach. Takeaways from the Beltug Debate Room: 21 January 2021
Security has never been higher among our members’ priorities, especially as, with the sudden and massive increase in homeworking, vulnerabilities are piling up and potential incidents are right around the corner. One tool to identify weaknesses is a Coordinated Vulnerability Disclosure Policy (CVDP). This is a set of rules that allows ‘ethical hackers’ to investigate your system for flaws and then inform you about them.
21 / 01 / 21
Beltug cooperates with the Centre for Cybersecurity Belgium (CCB) to share information that can support our members’ security needs and goals. The CCB worked with intigriti to publish a ‘Guide to a Coordinated Vulnerability Disclosure Policy’ that covers both best practices and legal aspects. It includes reasons to adopt a CVDP, what should be included, the steps for creating your policy, data privacy, fraud and infractions, and more.
But there are plenty of questions and issues surrounding ethical hacking and bug bounties. So at this event, we gave our members the chance to bring up their questions and concerns. After an introduction by intigriti and the CCB, we opened the floor for debate amongst peers about the opportunities or challenges they see with CVDPs.
Presentations from the speakers and a recording of the event are available to our members (after log-in).
- CCB presentation: Coordinated Vulnerability Disclosure Policies
- intigriti presentation: Making security testing agile