The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.
My name is Josh Dembling and I run the Intel Product Security Incident Response Team (PSIRT) and Bug Bounty Program. I and my team manage and coordinate the disclosure of security vulnerabilities with our customers, partners and external researchers. I am also one of the chairs of the industry driven PSIRT Special Interest Group under FIRST.org. In addition, I am a rapporteur for the recently approved ISO Technical Report on Multi-Party Coordinated Vulnerability Disclosure.
I look forward to working together to shape a strategy that will help the broader community develop a more stable approach to coordinated vulnerability disclosure.
Hello,
My name is Josh Dembling and I run the Intel Product Security Incident Response Team (PSIRT) and Bug Bounty Program. I and my team manage and coordinate the disclosure of security vulnerabilities with our customers, partners and external researchers. I am also one of the chairs of the industry driven PSIRT Special Interest Group under FIRST.org. In addition, I am a rapporteur for the recently approved ISO Technical Report on Multi-Party Coordinated Vulnerability Disclosure.
I look forward to working together to shape a strategy that will help the broader community develop a more stable approach to coordinated vulnerability disclosure.
Thank You Josh