You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Change your opinions, keep to your principles; change your leaves, keep intact your roots.
Victor Hugo

Over the years, the CERT/CC has identified a number of principles that guide our efforts in coordinating vulnerability disclosures and which seem to be present in many successful CVD programs. These principles include the following:

  • Reduce Harm
  • Presume Benevolence
  • Avoid Surprise
  • Incentivize Desired Behavior
  • Ethical Considerations
  • Process Improvement
  • CVD as a Wicked Problem

We cover each of these in more detail below.

  • No labels

CMU/SEI-2017-SR-022 | SOFTWARE ENGINEERING INSTITUTE | CARNEGIE MELLON UNIVERSITY
Distribution Statement A: Approved for Public Release; Distribution is Unlimited