HackerOne launches free Vulnerability Coordination Maturity Model tool

Discussion in 'CSO' started by RSS, Sep 22, 2015.

  1. RSS

    HackerOne is in the business of vulnerability disclosure and bug bounty programs, helping customers to implement solid strategies for communicating and resolving vulnerabilities effectively. In an effort to help more businesses grasp vulnerability disclosure and coordination, HackerOne released a free public benchmarking tool called the Vulnerability Coordination Maturity Model, VCCM for short.

    I spoke with Katie Moussouris, chief policy officer for HackerOne, to learn more about VCCM. As the concept of bug bounties gains more mainstream traction, more organizations realize they need to have processes and policies in place to govern how vulnerabilities are communicated and managed. When Katie starts to dig in to learn where the company is right now, though, she finds that many have no clue what their existing policies or capabilities are. The VCCM was created to give organizations a tool to benchmark where they are so they can identify and prioritize the areas that need to be improved.