18.8: Establish a Process to Accept and Address Reports of Software Vulnerabilities
CSF v1.1 References:
Threats Addressed:
Next Version:
- Critical Security Controls Version 8:
- 16.2: Establish and Maintain a Process to Accept and Address Software Vulnerabilities
Control Statement
Establish a process to accept and address reports of software vulnerabilities, including providing a means for external entities to contact your security group.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]