Vulnerabilities identified in applications are publicly disclosed (where appropriate to do so) by software developers in a timely manner.
Topic
Reporting and resolving vulnerabilities
Applicable to
Non Classified, Official, Protected, Secret, Top Secret
History
Dec 2023
Vulnerabilities identified in applications are publicly disclosed (where appropriate to do so) by software developers in a timely manner.
A new control recommending vulnerabilities identified in applications be publicly disclosed (where appropriate to do so) by software developers in a timely manner was added.