The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.
Hi my name is Josh Dembling and I run the product security incident response team and bug bounty program. I am also the rapporteur for the ISO Technical Report on Multiparty Coordinated Vulnerability Disclosure. I hope to contribute to and learn from this working group.
@jdemblin isn't this a duplicate of #39? As the next step, we'd love incoming new members to create a PR to add themselves to the list of WG members. #20 is a good example of how this might look like.
Hi my name is Josh Dembling and I run the product security incident response team and bug bounty program. I am also the rapporteur for the ISO Technical Report on Multiparty Coordinated Vulnerability Disclosure. I hope to contribute to and learn from this working group.