Security group comes out of the shadows
After nearly a year in the shadows, the Organization for Internet Safety on Thursday formally announced its formation.
The group, made up of security and software vendors, is working on a set of guidelines for handling vulnerability information, which it hopes will bring some order to the chaotic world of security research and vulnerability disclosure. The OIS plans to have a draft of the guidelines early next year.
The foundations for the group were laid at Microsoft Corp.'s Trusted Computing conference last fall, when founding members Microsoft, @stake Inc., Guardent Inc., BindView Corp., Internet Security Systems Inc. and Foundstone Inc. formed a loose alliance dedicated to developing a better way to handle vulnerability disclosure. Since then, the members have met several times and have been working on various legal and organizational issues.
[ Read more ]