I'm having a discussion with a vendor, maybe you can help me out. What's the goal of a security advisory? #infosec
As such, when should a security advisory be published?
To make this clear: this is about security advisories as published by the vendor. Just assuming that the researcher went for coordinated disclosure or no disclosure at all.
A Mastodon instance for info/cyber security-minded people.