Category: Research
-
The Case Against ‘Responsible Disclosure’
The debate over vulnerability disclosure is as significant as it is contentious. ‘Responsible disclosure’, a term coined by software vendors many decades ago, advocates that security researchers privately report vulnerabilities to the affected vendor, allowing the company time to fix the issue before making it public. On the surface this approach seems reasonable – it…
-
Red Teaming Dissertation: A Comprehensive Handbook and Framework
Current research in red teaming primarily focuses on practical methodologies, as well as exploring the integration of red teaming with broader cybersecurity strategies. While existing literature provides valuable insights into various aspects of red teaming, there is a gap in the availability of comprehensive guides and frameworks for conducting successful red teaming engagements. This gap…