ISO/IEC 29147:2014
Information technology — Security techniques — Vulnerability disclosure
Reference number
ISO/IEC 29147:2014
Edition 1
2014-02
© ISO 2024
Withdrawn
Withdrawn (Edition 1, 2014)

Abstract

ISO/IEC 29147:2014 gives guidelines for the disclosure of potential vulnerabilities in products and online services. It details the methods a vendor should use to address issues related to vulnerability disclosure. ISO/IEC 29147:2014

  1. provides guidelines for vendors on how to receive information about potential vulnerabilities in their products or online services,
  2. provides guidelines for vendors on how to disseminate resolution information about vulnerabilities in their products or online services,
  3. provides the information items that should be produced through the implementation of a vendor's vulnerability disclosure process, and
  4. provides examples of content that should be included in the information items.

ISO/IEC 29147:2014 is applicable to vendors who respond to external reports of vulnerabilities in their products or online services.

General information

  • Status
     : Withdrawn
    Publication date
     : 2014-02
    Stage
    : Withdrawal of International Standard [95.99]
  • Edition
     : 1
    Number of pages
     : 34
  • Technical Committee :
    ISO/IEC JTC 1/SC 27
    ICS :
    35.030 
  • RSS updates

Life cycle

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

  2. Store
  3. Standards catalogue
  4. ICS
  5. 35
  6. 35.030
  7. ISO/IEC 29147:2014