Chapter 20. Reporting Security Bugs
In this chapter: |
---|
Whether you find bugs in someone else’s product or someone outside of your company identifies a bug in your product, it is important to understand the different views around reporting security vulnerabilities. Appropriate actions to take both by the bug finder and the vendor once a bug is identified are heavily debated. Vendors usually want the issue to be kept quiet until it is fixed, whereas some bug finders believe in immediate public disclosure. This chapter discusses some of the controversy. In this chapter, you will learn how to responsibly report ...
Get Hunting Security Bugs now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.