There has been much development in vulnerability disclosure in recent years. The Netherlands took the lead in 2013 by publishing an official guideline for "Responsible Disclosure".
Since then much has happened: other countries have shown an interest, and there is even a (free!) ISO standard on Coordinated Vulnerability Disclosure. In this talk I'll summarise the global developments and explain how and why things have gone the way they have.
At the end of this talk I'd also like to have an open discussion and collect feedback on how the Dutch government has handled this and how it can possibly improve.
#NetworkSecurity #PhysicalSecurity #DeviceSecurity #Politics