ISO/IEC 29147:2014

Information technology -- Security techniques -- Vulnerability disclosure

The electronic version of this International Standard can be downloaded from the ISO/IEC Information Technology Task Force (ITTF) web site

ISO/IEC 29147:2014 gives guidelines for the disclosure of potential vulnerabilities in products and online services. It details the methods a vendor should use to address issues related to vulnerability disclosure. ISO/IEC 29147:2014

  1. provides guidelines for vendors on how to receive information about potential vulnerabilities in their products or online services,
  2. provides guidelines for vendors on how to disseminate resolution information about vulnerabilities in their products or online services,
  3. provides the information items that should be produced through the implementation of a vendor's vulnerability disclosure process, and
  4. provides examples of content that should be included in the information items.

ISO/IEC 29147:2014 is applicable to vendors who respond to external reports of vulnerabilities in their products or online services.


Общая информация

  • Текущий статус :  Withdrawn
    Дата публикации : 2014-02
  • Версия : 1
  • :
    ISO/IEC JTC 1/SC 27
    IT Security techniques
  • 35.030
    IT Security

Жизненны цикл

Стандарт, который пересматривается каждые 5 лет



Изменения / Исправления

  • В настоящее время отменен
    ISO/IEC 29147:2014
  • Пересмотрен
    ISO/IEC 29147:2018

Появились вопросы?

Ознакомьтесь с FAQ

Работа с клиентами
+41 22 749 08 88

Часы работы:
Понедельник – пятница: 09:00-12:00, 14:00-17:00 (UTC+1)

Будьте в курсе актуальных новостей ИСО

Подписывайтесь на наши новости, обзоры, а также на информацию о продуктах

 Subscribe