ANSI Webstore
BACK
Standards PDF Cover Page PREVIEW

 Historical

ISO/IEC 29147:2014

Information technology - Security techniques - Vulnerability disclosure

ISO/IEC 29147:2014 gives guidelines for the disclosure of potential vulnerabilities in products and online services. It details the methods a vendor should use to address issues related to vulnerability disclosure. ISO/IEC 29147:2014

  1. provides guidelines for vendors on how to receive information about potential vulnerabilities in their products or online services,
  2. provides guidelines for vendors on how to disseminate resolution information about vulnerabilities in their products or online services,
  3. provides the information items that should be produced through the implementation of a vendor's vulnerability disclosure process, and
  4. provides examples of content that should be included in the information items.

ISO/IEC 29147:2014 is applicable to vendors who respond to external reports of vulnerabilities in their products or online services.

CONTENT PROVIDER
International Organization for Standardization [iso]
Others Also Bought
Information technology - Security techniques - Vulnerability handling processes
ADD TO CART
Application of risk management for IT-networks incorporating medical devices - Part 2-2: Guidance for the disclosure ...
ADD TO CART
Information technology - Security techniques - Information security management systems - Requirements
ADD TO CART
Document History
Revised By:
Included in Packages
This standard is not included in any packages.
Amendments & Corrections
We have no amendments or corrections for this standard.

Useful Links

CUSTOMER SERVICE

Our Contacts

ANSI HEADQUARTERS
Washington, DC
1899 L Street, NW, 11th Floor
Washington, DC 20036

Tel: 202.293.8020
Fax: 202.293.9287

NEW YORK OFFICE
New York, NY
25 West 43rd Street, 4th floor
New York, NY 10036

Tel: 212. 642.4900
Fax: 212.398.0023