Forbes
CISA pushing U.S. agencies to adopt vulnerability disclosure policies
Threatpost
“Public vulnerability disclosure should be a basic practice for every company, not just government agencies,” Chris Morales, head of security analytics at Vectra.