Wednesday, July 27, 2005

Overheard on an OWASP discussion listserv....

A truer statement has never been echoed.....

"Although I believe that some care must be placed in the disclosure of zero-day style vulnerabilities that can be maliciously exploited by worms and viruses, I don't believe that we should subscribe to the COTS 'responsible vulnerability disclosure' ideas since they are designed to minimize the impact of the vulnerabilities on their stock price, instead of increasing the security of their products and clients."

-- Dinis Cruz
