Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

3Com Lauds 'Responsible' Disclosure Of Security Flaws

LONDON — Data networking group 3Com is planning to reward security researchers who reveal information on newly discovered vulnerabilities as part of an initiative run by its TippingPoint division.

The so called ‘Zero Day Initiative’ is aimed at ensuring the 'responsible' disclosure of security flaws in order to make technology more secure for all users. The goal is to proactively protect businesses against newly discovered vulnerabilities.

According to 3Com, many security researchers want to be recognized for their discovery, but they don't always achieve that in a responsible manner. Instead, and all too often, they post the potentially harmful information publicly, catching businesses and vendors off-guard and unprotected.

The initiative will recognize researchers for the discovery when the vulnerability is publicly disclosed with the vendor's patch.

3Com will notify affected vendors of security flaws so they can immediately begin working on a solution, most often in the form of a patch. The vulnerabilities will only be disclosed publicly once the affected vendor is able to offer a solution to end users, mitigating the threat.

  • 1