Organizations should establish a channel for anyone to report vulnerabilities in their systems. This ensures that potential security flaws are spotted and fixed before they are exploited.
According to Kevin Gallerin, Asia-Pacific managing director of bug bounty platform YesWeHack, establishing a vulnerability disclosure policy (VDP) would provide assurance to anyone acting in good faith, such as security researchers, that they would not face prosecution for reporting the vulnerability.
In fact, Gallerin remarked in a video interview that creating such policies was more important than conducting bug bounty programs. He said that more businesses are now recognizing the importance of a VDP, which outlines a secure and transparent structure.
To Read More: ZDNet
For more such updates follow us on Google News ITsecuritywire News.
