Security researchers and hackers find vulnerabilities. What’s their responsibility in disclosure? What about the vendors when they hear the vulnerabilities? And do journalists have to adhere to the same timelines?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest is Tom Merritt (@acedtect), host, Daily Tech News Show.

Thanks to this week’s podcast sponsor, Qualys

Qualys is a pioneer and leading provider of cloud-based security and compliance solutions.

Got feedback? Join the conversation on LinkedIn.

On this episode of Defense in Depth, you’ll learn: