|
CERT Spotlight: Vulnerability RemediationHow do you know which holes to patch?In an ideal world, software would not contain vulnerabilities that attackers could exploit. But other than following best practices such as installing patches, how do you protect yourself and your data against threats you don't know about? We are addressing that problem with our work in vulnerability remediation. As part of our process, we analyze reports of vulnerabilities, coordinate with vendors to address the vulnerabilities, and disclose information about the vulnerabilities and mitigation techniques in various publications and in our vulnerability analysis blog. |
AnnouncementsSeptember 17, 2008Interactive Vulnerability Reporting Form Released September 16, 2008New Podcast Released September 8, 2008Java Secure Coding Standard Released |