ISO/IEC TR 5895:2022
p
ISO/IEC TR 5895:2022
81807
недоступно на русском языке

Текущий статус : Опубликовано

ru
Формат Язык
std 1 96 PDF + ePub
std 2 96 Бумажный
  • CHF96
Пересчитать швейцарские франки (CHF) в ваша валюта

Тезис

This document clarifies and increases the application and implementation of ISO/IEC 30111 and ISO/IEC 29147 in multi-party coordinated vulnerability disclosure (MPCVD) settings, including the evolving commonly adopted practices in this area, by articulating:

—    The MPCVD life cycle and application of coordinated vulnerability disclosure (CVD) stages (preparation, receipt, verification, remediation[1] development, release, post-release) in MPCVD settings.

—    Stakeholders involved in MPCVD include users, vendors (coordinating, mitigating, and dependent vendors), reporters, and non-vendor coordinators (entities defined in ISO/IEC 29147 and ISO/IEC 30111).

—    The exchange of information between stakeholders during the vulnerability handling and disclosure process in a MPCVD settings.

Clarifying the application of ISO/IEC 30111 and ISO/IEC 29147 in MPCVD settings illustrates the benefits of vulnerability disclosure processes.

 

[1] Remediation is a defined term used in ISO/IEC 30111 and ISO/IEC 29147. This document uses the term "remediation" and verb “remediate” in the context of this definition.

Preview 

Вы можете ознакомиться с данным стандартом в нашей онлайн-библиотеке (OBP)

Общая информация

  •  : Опубликовано
     : 2022-06
    : Опубликование международного стандарта [60.60]
  •  : 1
  • ISO/IEC JTC 1/SC 27
    35.030 
  • RSS обновления

Жизненный цикл

Появились вопросы?

Ознакомьтесь с FAQ

Работа с клиентами
+41 22 749 08 88

Часы работы:
Понедельник – пятница: 09:00-12:00, 14:00-17:00 (UTC+1)