Project No.: ISO/IEC AWI 29147
Title:
<p class="MsoBodyText">This document provides requirements and recommendations <s>to vendors</s> on the disclosure of vulnerabilities in products and services. Vulnerability disclosure enables users to perform technical vulnerability management as specified in ISO/IEC 27002<s>:2013, 12.6.1</s> [1]. Vulnerability disclosure helps users protect their systems and data, prioritize defensive investments, and better assess risk. The goal of vulnerability disclosure is to reduce the risk associated with exploiting vulnerabilities.</p>
<p class="MsoBodyText">Coordinated vulnerability disclosure is especially important when multiple vendors are affected. This document provides:</p>
<p class="MsoListParagraph">— guidelines on receiving reports about potential vulnerabilities;</p>
<p class="MsoListParagraph">— guidelines on disclosing vulnerability remediation information;</p>
<p class="MsoListParagraph">— terms and definitions that are specific to vulnerability disclosure;</p>
<p class="MsoListParagraph">— an overview of vulnerability disclosure concepts;</p>
<p class="MsoListParagraph">— techniques and policy considerations for vulnerability disclosure;</p>
<p class="MsoListParagraph">— examples of techniques, policies (Annex A), and communications (Annex B).</p>
<p class="MsoBodyText">Other related activities that take place between receiving and disclosing vulnerability reports are described in ISO/IEC 30111.</p>
<p class="MsoBodyText">This document is applicable to anyone who practices vulnerability disclosure to reduce risk to users of <s>vendors’ </s>products and services.</p>
Registration number (WIID): 92945
Scope:
<p class="MsoBodyText">This document provides requirements and recommendations <s>to vendors</s> on the disclosure of vulnerabilities in products and services. Vulnerability disclosure enables users to perform technical vulnerability management as specified in ISO/IEC 27002<s>:2013, 12.6.1</s> [1]. Vulnerability disclosure helps users protect their systems and data, prioritize defensive investments, and better assess risk. The goal of vulnerability disclosure is to reduce the risk associated with exploiting vulnerabilities.</p>
<p class="MsoBodyText">Coordinated vulnerability disclosure is especially important when multiple vendors are affected. This document provides:</p>
<p class="MsoListParagraph">— guidelines on receiving reports about potential vulnerabilities;</p>
<p class="MsoListParagraph">— guidelines on disclosing vulnerability remediation information;</p>
<p class="MsoListParagraph">— terms and definitions that are specific to vulnerability disclosure;</p>
<p class="MsoListParagraph">— an overview of vulnerability disclosure concepts;</p>
<p class="MsoListParagraph">— techniques and policy considerations for vulnerability disclosure;</p>
<p class="MsoListParagraph">— examples of techniques, policies (Annex A), and communications (Annex B).</p>
<p class="MsoBodyText">Other related activities that take place between receiving and disclosing vulnerability reports are described in ISO/IEC 30111.</p>
<p class="MsoBodyText">This document is applicable to anyone who practices vulnerability disclosure to reduce risk to users of <s>vendors’ </s>products and services.</p>
Status: In development
ICS group: Not set