Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use story: vendor initiated coordination. #3

Open
chandanbn opened this issue Oct 1, 2020 · 2 comments
Open

Use story: vendor initiated coordination. #3

chandanbn opened this issue Oct 1, 2020 · 2 comments
Labels
enhancement New feature or request

Comments

@chandanbn
Copy link

User story: A vendor wants to share and coordinate a vulnerability with select other vendors.

Current capability: Looks like this can be done by reporting a new issue and then requesting CERT/CC assistance on potentially affected vendors.

Possible incremental enhancement: https://kb.cert.org/vince/comm/report/ --> "Do you believe multiple vendors are affected?" could be enhanced to pick select vendors, have them notified or included in the case immediately.

Ability to directly create and manage cases and access lists would be great.
@ahouseholder ahouseholder added the enhancement New feature or request label Oct 2, 2020
@ahouseholder
Copy link

Can you please clarify if/how this is different from #4?

@chandanbn
Copy link
Author

#4 is about expanding the social network of vendors on the VINCE platform via invites or nominations.
#3 is about a vendor acting as a reporter/coordinator to report a new case/vulnerability and select an audience of existing vendors on the platform.

@zmanion zmanion mentioned this issue Feb 7, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ahouseholder @chandanbn