Some organizations prioritize vulnerability management for compliance purposes rather than product security, occasionally requesting that external security experts (pen-testers) lower the severity ratings of discovered vulnerabilities.

Authors

• Person: Not available Organization: arXiv
  A Mixed-Methods Study of Open-Source Software Maintainers On ...

Sources

• A Mixed-Methods Study of Open-Source Software Maintainers On ... arxiv.org arXiv via serper

Referenced by nodes (2)

• vulnerability management concept
• compliance concept