|
|
|
|
|
| Product |
ISO/IEC TR 5895:2022
|
||
|---|---|---|---|
| Price | Price USD 106.00 | ||
| Rating | Rating | ||
| Buy | Buy Add to Cart | ||
| Description |
Description
This document clarifies and increases the application and implementation of ISO/IEC 30111 and ISO/IEC 29147 in multi-party coordinated vulnerability disclosure (MPCVD) settings, including the evolving commonly adopted practices in this area, by articulating: — The MPCVD life cycle and application of coordinated vulnerability disclosure (CVD) stages (preparation, receipt, verification, remediation[1] development, release, post-release) in MPCVD settings. — Stakeholders involved in MPCVD include users, vendors (coordinating, mitigating, and dependent vendors), reporters, and non-vendor coordinators (entities defined in ISO/IEC 29147 and ISO/IEC 30111). — The exchange of information between stakeholders during the vulnerability handling and disclosure process in a MPCVD settings. Clarifying the application of ISO/IEC 30111 and ISO/IEC 29147 in MPCVD settings illustrates the benefits of vulnerability disclosure processes. [1] Remediation is a defined term used in ISO/IEC 30111 and ISO/IEC 29147. This document uses the term "remediation" and verb “remediate” in the context of this definition. |
||
| Standard Number | Standard Number ISO/IEC TR 5895:2022 | ||
| Title | Title ISO/IEC TR 5895:2022 Cybersecurity — Multi-party coordinated vulnerability disclosure and handling | ||
| Status | Status Published | ||
| Publication Date | Publication Date 17 Jun 2022 | ||
| Cross References | Cross References | ||
| Descriptors | Descriptors | ||
| ICS | ICS 35.030 | ||
| Committee | Committee ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection | ||
| ISBN | ISBN | ||
| Publisher | Publisher PECB Store | ||
| Format | Format PDF | ||
| Delivery | Delivery NO | ||
| Pages | Pages 14 | ||
| File Size | File Size KB |
My Account
