DIN EN ISO/IEC 29147:2020-08

Information technology - Security techniques - Vulnerability disclosure (ISO/IEC 29147:2018); German version EN ISO/IEC 29147:2020

Technologies de l'information - Techniques de sécurité - Divulgation de vulnérabilité (ISO/IEC 29147:2018); Version allemande EN ISO/IEC 29147:2020

Informationstechnik - Sicherheitstechniken - Offenlegung von Schwachstellen (ISO/IEC 29147:2018); Deutsche Fassung EN ISO/IEC 29147:2020

Información:

Fecha:

2020-08 /Active

ICS:

35.030 - IT Security

Equivalencias internacionales:

EN ISO/IEC 29147 (2020-05)

ISO/IEC 29147 (2018-10)

Relación con otras normas DIN:

Reemplaza a: DIN EN ISO/IEC 29147:2020-01

Resumen:

This document provides requirements and recommendations to vendors on the disclosure of vulnerabilities in products and services. Vulnerability disclosure enables users to perform technical vulnerability management as specified in ISO/IEC 27002:2013, 12.6.1[1]. Vulnerability disclosure helps users protect their systems and data, prioritize defensive investments, and better assess risk. The goal of vulnerability disclosure is to reduce the risk associated with exploiting vulnerabilities. Coordinated vulnerability disclosure is especially important when multiple vendors are affected.

Keywords:

Coded representation, Data exchange, Data handling (software), Data processing, Data protection, Data representation, Data security, Data storage protection, Data transfer, Data transmission, Defence, Definitions, Information technology, IT security, Online services, Recommendation, Risk reduction, Safety engineering, Specification (approval), Weak points

104,58 €

Formato digital

Nota: Precios sin IVA ni gastos de envío

Añadir a la cesta