Skip to Main Content
In the information security world, vulnerabilities and exploit tools and techniques are effectively open source - they're just accessible to malicious attackers as they are to security vendors, administrators, and the public at large. In this article vulnerability disclosure is the phenomenon of openness and transparency among security researchers, security vendors, product vendors, and other stakeholders. It carries costs to stakeholders by disrupting release schedules or otherwise straining their development resources. It can also negatively affect a vendor's security reputation and brand, which ultimately becomes a major PR and sales issue.