Respond to External Vulnerability Reports in Under 14 Days
Description
Ensure all external vulnerability reports are addressed within 14 days
Details
- Default Category: coordinated vulnerability disclosure
- Default Priority Group: P7
- Implementation Details: It is manual (details).
- C-SCRM: false
- Sources: OpenSSF Best Practices Badge Passing Level (vulnerability_report_response)