Tag
vdp
Safeguard articles tagged "vdp" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Best Practices
What is a Vulnerability Disclosure Program
What a vulnerability disclosure program actually is, how it differs from a bug bounty, and what CISA, ISO, and the EU CRA now require of it.
Feb 6, 20267 min read
Industry Analysis
The Economics of Vulnerability Bounties: Who Wins and Who Loses
Bug bounty programs are a billion-dollar market. But the economics do not work equally well for everyone. A look at who benefits, who gets shortchanged, and what the numbers actually say.
Jul 15, 20236 min read
Application Security
Vulnerability Disclosure Programs: Building Trust with Security Researchers
A well-designed vulnerability disclosure program turns external researchers into force multipliers for your security team. A poorly-designed one guarantees your vulnerabilities end up on Twitter instead of your inbox.
Mar 22, 20225 min read