Contents

Establish a vulnerability information service

Create a central database of known software vulnerabilities. This will allow consumers to know what products and services are affected, and help developers fix vulnerable code. Software security research firms typically publish their findings publicly and have a unique vulnerability identifier attached to their work.

Examples

Commentary

Definitions

Related policy actions: Disclosure, Open data, Security, Transparency