Dear Full-Disclosurers,
Software vulnerability reporting process is a topic that is vividly
debated. Now you have an opportunity to share your experiences and express
your worries on the issue anonymously - by taking part in the OUSPG
research on vulnerability reporting. I am doing a survey that is targeted
to vendors who receive bug reports, to coordinators of the reporting
process (e.g. mailing list moderators and national CERTs), and to reporters
of software vulnerabilities. So, if you do any of these, you are the right
person to answer. Even if someone from your organization already has
answered or is going to answer to this survey, I would still appreciate
getting to know your personal opinions as well.
More information and the links to the questionnaires can be found at:
https://www.ee.oulu.fi/research/ouspg/reporting/q-form/
All answers are anonymous.
The results of the survey will be published on the OUSPG's WWW-pages by the
end of this year.
I cannot do this without your help! ;)
/Tiina Havana - OUSPG
PS: We maintain a link list about discussions on vulnerability reporting:
http://www.ee.oulu.fi/research/ouspg/sage/disclosure-tracking/
Software vulnerability reporting process is a topic that is vividly
debated. Now you have an opportunity to share your experiences and express
your worries on the issue anonymously - by taking part in the OUSPG
research on vulnerability reporting. I am doing a survey that is targeted
to vendors who receive bug reports, to coordinators of the reporting
process (e.g. mailing list moderators and national CERTs), and to reporters
of software vulnerabilities. So, if you do any of these, you are the right
person to answer. Even if someone from your organization already has
answered or is going to answer to this survey, I would still appreciate
getting to know your personal opinions as well.
More information and the links to the questionnaires can be found at:
https://www.ee.oulu.fi/research/ouspg/reporting/q-form/
All answers are anonymous.
The results of the survey will be published on the OUSPG's WWW-pages by the
end of this year.
I cannot do this without your help! ;)
/Tiina Havana - OUSPG
PS: We maintain a link list about discussions on vulnerability reporting:
http://www.ee.oulu.fi/research/ouspg/sage/disclosure-tracking/