Tags Vulnerabilities equities process
Study: Zero days rediscovered much faster
The report comes as White House cybersecurity czar Rob Joyce says he is reviewing the Vulnerability Equities Process — the policy structure that decides whether zero days found by U.S. agencies should be disclosed to the manufacturer.
Bill to reform NSA hacking policy has skeptics in White House
The Trump administration has concerns about a proposed reform of the policy process the U.S. government uses when deciding how to handle newly discovered software vulnerabilities known as zero days, said White House Cybersecurity Coordinator Rob Joyce.
Why reforming the Vulnerability Equities Process would be a disaster
Op-Ed: The leak of NSA exploits is not the worst that could happen — and trying to reform the policy process the U.S. government uses to decide which vulnerabilities to reveal and patch will not make things better.
Should the government stockpile zero day software vulnerabilities?
Storm clouds are rising over the U.S. government's policy on software flaw disclosure after the massive WannaCry infection spread using a cyberweapon developed by the NSA, and even former agency leaders say it might be time to take a fresh look at the Vulnerability Equities Process.
Lawmakers introduce bill to shine spotlight on government hacking stockpile
A new bipartisan bill aims to add transparency to the Vulnerabilities Equities Process.
Zero day study: Hoarding exploits less harmful than generally thought
A new study from the RAND Corp. upends much of the conventional wisdom on zero day vulnerability disclosure — they are rarely discovered independently, which makes hoarding them more effective.