ISO/IEC 29147:2014

Information technology — Security techniques — Vulnerability disclosure

Publication date: Feb 5, 2014

95.99 Withdrawal of Standard Oct 23, 2018

General information

Current stage: 95.99 Effective date: Oct 23, 2018

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 27

Type: International Standard

ICS: 35.030

Languages: English

Buying

Status: Withdrawn

PDF

Paper

PDF and Paper

Language

Language in which you want to receive the document.

Scope

ISO/IEC 29147:2014 gives guidelines for the disclosure of potential vulnerabilities in products and online services. It details the methods a vendor should use to address issues related to vulnerability disclosure. ISO/IEC 29147:2014

provides guidelines for vendors on how to receive information about potential vulnerabilities in their products or online services,
provides guidelines for vendors on how to disseminate resolution information about vulnerabilities in their products or online services,
provides the information items that should be produced through the implementation of a vendor's vulnerability disclosure process, and
provides examples of content that should be included in the information items.

ISO/IEC 29147:2014 is applicable to vendors who respond to external reports of vulnerabilities in their products or online services.

Life cycle

NOW

WITHDRAWN
ISO/IEC 29147:2014
95.99 Withdrawal of Standard
Oct 23, 2018

REVISED BY

PUBLISHED
ISO/IEC 29147:2018