Researchers and PSIRTs Working Well Together

Update: 2022-05-03

Description

Shannon Sabens of CrowdStrike and Milind Kulkarni of a NVIDIA discuss what security researchers should expect when reporting vulnerabilities to a Product Security Incident Response Team (PSIRT); how to best to collaborate with them; how to interpret responses from the PSIRT; how to get the best outcome when making a report; supported versus end-of-life (EOL) products; CVE Numbering Authority (CNA) scopes; timing of a patch versus the publication of a CVE Record; and more.

Comments

In Channel

The CVE Consumer Working Group (CWG)

2025-10-1420:45

Mapping the Root Causes of CVEs

2025-08-0523:51

25 Years of CVE and What’s Next

2025-02-0447:29

CNA Onboarding Process Myths Versus Facts

2024-10-0124:33

Expected Impact of the CNA Rules 4.0

2024-05-2137:40

Swimming in Vulns (or, Fun with CVE Data Analysis)

2024-04-2943:32

Meet the 3 New CVE Board Members

2024-04-0925:49

CVE Records States and Tags

2024-03-2633:31

The Council of Roots

2024-01-3048:09

How the New CVE Record Format Will Benefit Consumers

2023-09-2625:41

Becoming A CNA—Myths versus Facts

2023-06-2122:25

Microsoft’s Journey Adopting CVE Services & CVE JSON 5.0

2023-03-0730:08

Coordinated Vulnerability Disclosure

2022-12-3023:07

An Insider’s View of the CVE Program

2022-09-2723:27

The Value of Assigning CVEs

2022-06-1419:11

Researchers and PSIRTs Working Well Together

2022-05-0326:22

Enhancing CVE Records as an Authorized Data Publisher

2021-12-0727:45

How Red Hat's Active Participation Helps Improve the CVE Program

2021-11-2024:06

CVE Myths versus Facts

2021-10-1227:37

CVE Working Groups, What They Are and How They Improve CVE

2021-09-0226:32

00:00

1.0x

Researchers and PSIRTs Working Well Together

#box-pro-ellipsis-176504584607981{-webkit-line-clamp:2;}Researchers and PSIRTs Working Well Together

Researchers and PSIRTs Working Well Together

CVE Program

Researchers and PSIRTs Working Well Together