When you do coordinated disclosure, do you also see companies pushing announcements of big scary vulnerabilities to a Friday? If so, how do you deal with it?

· · Web · 2 · 0 · 0

Thank you for participating. In this particular case I asked them to reschedule and they agreed, so the blog post will be published on Monday. But I got a great hint from @varx for the future: publish a placeholder post a few days before, making sure that nobody misses disclosure on Friday.

@WPalant I would be inclined to make a "watch this space" post on a Wednesday saying that on Friday there will be a major vulnerability announcement about X. ("Sorry for being vague, but I don't want this to get missed due to the Friday news effect. 😃")

@varx This is a nice idea which I might end up using. Not this time however, the vendor agreed to move to Monday.

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.