Coordinating vulnerability disclosures

dcypher Symposium 2019 connecting cybersecurity knowledge – enterprises - policies

Time: 11:30 – 12:45 
Room: Flash (80) 
Language: Dutch
Chaired by Chris van 't Hof  

Coordinating vulnerability disclosures: a new knowledge institute

The Netherlands is champion in Coordinated Vulnerability Disclosure. Supported by the NCSC CVD guideline many security researchers scan the internet for vulnerabilities and report these to the people who they believe should fix them. Still, they struggle with the legal, ethical and organisational bounderies of their efforts. The Dutch Institute for Vulnerability Disclosure (DVID) provides them a platform to collect, evaluate, combine and file vulnerability reports, while serving as a firewall against lawyers, journalists and recruiters. Meanwhile, the institute generates a valuable knowledgebase for statistics and case based reasoning.


This session is organised in close cooperation with the Dutch Institute for Vulnerability Disclosure (DIVD)