Skip to main content

Vulnerability Disclosure Program

New ACSC publication released to help organisations implement a Vulnerability Disclosure Program.

The ACSC has released a new publication, Vulnerability Disclosure Programs to help organisations understand and address risks associated with identified vulnerabilities.

A Vulnerability Disclosure Program (VDP) includes processes designed to identify, verify, resolve and report on security vulnerabilities disclosed by people who may be internal or external to an organisation.

This guide gives organisations of all sizes important information to scope, develop and implement a VDP to improve their cyber security posture. It also ensures they are postured for success should a vulnerability be disclosed by an external source.

Organisations are encouraged to familiarise themselves with this publication and implement a VDP in their workplace.