Vulnerabilities are components of code that can be exploited to negatively impact the security of data, systems, people, or IP. According to ISO/IEC 29147:2018, a vulnerability is “a behavior or set of conditions present in a system, product, component, or service that ‘violates an implicit or explicit security policy.’”
This infographic, Vulnerability 101, answers basic questions about vulnerabilities, such as:
If you want to learn more about vulnerability disclosure, we highly recommend the new report, The 2021 Ultimate Guide to Vulnerability Disclosure.