Process For Publicizing Software Flaws DiscussedProcess For Publicizing Software Flaws Discussed

Should AI-Generated Content Include a Warning Label?Should AI-Generated Content Include a Warning Label?

byJohn Edwards

Jan 24, 2025

5 Min Read

neon green arrow pointing up

Why Enterprises Struggle to Drive Value with AI Why Enterprises Struggle to Drive Value with AI

byLisa Morgan

Jan 23, 2025

10 Min Read

Resilience

Recent in Resilience

See All Resilience

thumbnail

Capital One Outage Highlights Third-Party Risk Capital One Outage Highlights Third-Party Risk

byCarrie Pallardy

Jan 23, 2025

5 Min Read

Portrait of agitated cybersecurity team working in emergency mode with critical error message on computer screen

Top 5 Strategies for Cybersecurity Red Teaming Top 5 Strategies for Cybersecurity Red Teaming

byMaarten Van Horenbeeck

Jan 23, 2025

4 Min Read

ML & AI

Recent in ML & AI

See All ML & AI

Illustration of the word AI Generated in red ink stamp.

Should AI-Generated Content Include a Warning Label?Should AI-Generated Content Include a Warning Label?

byJohn Edwards

Jan 24, 2025

5 Min Read

Arrow Breaking Through Wall Made Of Wooden Blocks On White Background

Breaking Down Barriers to AI Accessibility Breaking Down Barriers to AI Accessibility

byAnup Purohit

Jan 24, 2025

4 Min Read

Data

Recent in Data

See All Data Mgmt

thumbnail

What Happens if AI No Longer Has Access to Good Data to Train On?What Happens if AI No Longer Has Access to Good Data to Train On?

byJoao-Pierre S. Ruth

Jan 17, 2025

Antitrust concept with money in the background

UK Launches Antitrust Investigations Targeting Big Tech UK Launches Antitrust Investigations Targeting Big Tech

byShane Snider

Jan 7, 2025

2 Min Read

Sustainability

Recent in Sustainability

See All Sustainability

Woman standing on the sea looking at the burning city.

LA Wildfires Raise Burning Questions About AI’s Data Center Water Drain LA Wildfires Raise Burning Questions About AI’s Data Center Water Drain

byShane Snider

Jan 17, 2025

4 Min Read

energy concept with electric socket and cable from the sun

Sustainability

AI and the Energy Transition: When Megatrends Collide AI and the Energy Transition: When Megatrends Collide

byDerek Bentley

Jan 3, 2025

4 Min Read

Infrastructure

Recent in Infrastructure

See All Infrastructure

Brendan Carr appears before a Senate Committee on Commerce, Science, and Transportation hearing in 2023

A New Administration and a New Direction for Networks A New Administration and a New Direction for Networks

byPam Baker

Jan 24, 2025

2 Min Read

abstract art Complexity of information flows. Weaving encoded data. Binary code, optical cable 3D illustration.

How Operating Models Need to Evolve in 2025 How Operating Models Need to Evolve in 2025

byLisa Morgan

Jan 22, 2025

9 Min Read

Software

Recent in Software

See All Software

abstract art Complexity of information flows. Weaving encoded data. Binary code, optical cable 3D illustration.

How Operating Models Need to Evolve in 2025 How Operating Models Need to Evolve in 2025

byLisa Morgan

Jan 22, 2025

9 Min Read

zipper half closed as a synonym for integration

Mobile App Integration’s Day Has Come Mobile App Integration’s Day Has Come

byMary E. Shacklett

Jan 21, 2025

4 Min Read

Newsletters
Reports/Research
Online Events
Live Events
Podcasts

White Papers
Advertise With Us
About Us
IT Sectors

Recent in More

information Resource Library

thumbnail

Capital One Outage Highlights Third-Party Risk Capital One Outage Highlights Third-Party Risk

byCarrie Pallardy

Jan 23, 2025

5 Min Read

President Joe Biden meets with White House staff in the Oval Office, 2022, to review remarks he will give at an executive order signing.

What Does Biden's New Executive Order Mean for Cybersecurity?What Does Biden's New Executive Order Mean for Cybersecurity?

byCarrie Pallardy

Jan 16, 2025

5 Min Read

IT Leadership

Process For Publicizing Software Flaws DiscussedProcess For Publicizing Software Flaws Discussed

A new group has been formed to find a way to report security flaws in ways that don't make matters worse.

information Staff, Contributor

September 27, 2002

1 Min Read

A group of software companies, security vendors, and researchers has launched the Organization for Internet Safety to develop a standard process for reporting security flaws in software.

Some security experts release information about flaws before giving vendors time to patch holes, while others release code that hackers can use to exploit flaws and attack vulnerable systems. Software vendors want time to develop and test software fixes before information about security problems is made public.

The organization expects to release a draft plan early next year, proposing that researchers report flaws to vendors before going public and that vendors take all reports seriously, says Scott Blake, a group founding member and VP of IT security at Bindview Corp. Details about vulnerabilities wouldn't be released for 30 days after a patch is published. Vendors such as @stake, Bindview, and Microsoft began discussing this effort a year ago. Caldera, Network Associates, Oracle, Silicon Graphics, and Symantec recently joined.

About the Author

information Staff

Contributor

See more from information Staff

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

SIGN-UP

Editor's Choice

A group of smiling college graduates celebrating their graduation.

Why Liberal Arts Grads Could Be the Best Programmers of the AI Era

Jan 17, 2025

Flame front of the Eaton Fire on the first night during the January 2025 California wildfires in Altadena and Los Angeles

IT Sectors

How Tech Supports the Emergency Response to the LA County Wildfires

Jan 16, 2025

Graphic Pop Art style Illustration of Keanu Reeves as NEO from the film, The Matrix

Y2K and Infrastructure Resilience 25 Years Later

Jan 7, 2025

Young businessman working on a virtual screen of the future and sees the inscription: Now hiring

Help Wanted: IT Hiring Trends in 2025

Nov 20, 2024

Cobol programming language software development concept on vitual screen.