Page History
...
The Awareness and Adoption Group within the NTIA Multistakeholder Process for Cybersecurity Vulnerabilities [2] surveyed security researchers and vendors, finding that [3]:
- 92% of researchers participate in some form of CVD.
- 70% of researchers expected regular communication from the vendor about their report. Frustrated expectations were often cited as the reason for abandoning the CVD process
- 60% of researchers cited threat of legal action as a reason they might not work with a vendor to disclose
- 15% of researchers expected a bounty in return for their disclosure
...
Overview
Content Tools