Vulnerability disclosure publications and discussion tracking

Editors: OUSPG crew (OUSPG), Juhani Eronen (NCSC-FI), Ari Takanen (Codenomicon)


A long and vivid debate for and against different vulnerability disclosure models is still taking place. Sources that collect all these valuable arguments are scarce. This document acts as a place-holder for related contributions that we are aware of. Paper, articles and more informal documents are grouped based on the type of publication. We hope that these links are useful to anyone familiarising themselves with the scene or planning further contributions.

Table of contents

Academic publications

Conference papers, etc.

" by Matthew Finifter, Devdatta Akhawe, and David Wagner.

Journal articles, Publication series, etc.

Conference speeches

Books, thesises and reports

White papers (or other online publications)

Disclosure policies and Guidelines

News articles



Blog entries

Selected messages from discussion lists

Selected threads from newsgroup discussions

Selected threads from bulletinboards


Other resources