Jisc’s vulnerability disclosure policy, the first 1,000 days

Jisc launched its vulnerability disclosure policy in February 2019. The policy was drawn up using ISO 29147:2018, and using guidance from other organisations, most notably NCSC-NL. Here, we look back at some of the trends and successes, as well as the lessons we’ve learned and what we have planned in future. The policy encourages external […]