You are here: silicon.com > Software > Security Strategy

Security Strategy

Security select XI tackles reporting standards

Microsoft lines up alongside Oracle up front...

Printer Friendly Email Story RSS

By Robert Lemos

Published: 27 September 2002 10:05 BST

A new group, consisting of eleven software makers and security firms, has formed to set down rules regarding how the security community should responsibly release information on software flaws.

Oracle and Microsoft are among the members of the group, called the Organisation for Internet Safety, which hopes to bridge the gap between security firms and independent consultants who release information about flaws to grab media attention and the software companies that frequently find themselves with egg on their face over the holes in their applications.

On its site, (see http://www.oisafety.org for more),the group says: "Today, there are no agreed-upon processes for handling security vulnerabilities. The lack of any consensus procedures complicates the process of fixing vulnerabilities, and ultimately increases the risk that all computer users face."

The group stressed that any guidelines it creates will be just that no enforcement mechanism will be advocated.

Members of the group are security companies @Stake, BindView, Foundstone, Guardent, ISS, NAI, and Symantec as well as software makers Caldera, Microsoft, Oracle and SGI.

Add Comment Add comment  Printer Friendly Print story   Email Story Email story   RSS
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

Hackers to face life imprisonment

Hacker steals Nasa shuttle plans

Hacking expert warns of 'end of the world' VPN flaw

Election 2005: Next government must launch 'war on hackers'

Linux developers prioritise security

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Martin Brampton Brampton Factor: Open source stands up for its rights Copyright can keep the movement alive...

Bob Tarzey The rise and rise of Infor Quocirca's Straight Talking: Where next for the apps giant?


IBM blade slashes security threat

UK crime fighters grapple with iPhone wipe threat

Microsoft criticises Google over privacy

Warning over wi-fi 'piggybackers'

Liverpool midwives cull paper with 3G laptops

One million bank customers' details sold on eBay



  • Jobs
Clinical Statistical/ SAS Programmer. South East or Home based.

Maintains familiarity with regulatory authority guidelines relating to biostatistics, data reporting and medical issues in project areas. Face to ...

Regulatory Affairs Specialist - Manchester - 35K

Assurance, Regulatory Affairs and Pharmacovigilance/Drug Safety. Progressive Pharma pride ourselves on offering candidates consultative advice ...

Senior Biostatistician Leading provider Drug Discovery.

ROLE To be responsible for designated aspects of statistical input for the design, analysis and reporting of a project according to contracted ...

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.

Bracknell Forest reaps virtual rewards

E4 embraces web 2.0 audience

Danone on health kick with Itil

Burda Enacts Comprehensive CRM Strategy With PeopleSoft

Osterman Research Case Study: WorldCom

Simplification Through Virtualization

mySAP ERP: Powered by SAP NetWeaver

Stories from the web...

History of British PCs

Why work in IT?

60-Second Pitch - data security services


TelePresence saves HSBC money - and airmiles

Red tape hampering tech research

Sony Ericsson issues SDK for Windows Xperia

Beeb buys high tech film vault

Indian outsourcers haemorrhaging staff




Quick Sitemap Links: