[SC-L] Economics of Software Vulnerabilities
Steven M. Christey
coley at linus.mitre.org
Wed Mar 21 15:39:47 EST 2007
I was originally going to say this off-list, but it's not that big a deal.
Arian J. Evans said:
> I think you are on to something here in how to think about this subject.
> Perhaps I should float my little paper out there and we could shape up
> something worth while describing how the industry is evolving today.
I've been wanting to do something along these lines but don't have much
time. I'll gladly review it or provide suggestions. I have a draft on
current disclosure practices that includes the diversity of researchers
and the role of vulnerability information providers.
- Steve
More information about the SC-L
mailing list