Cisco stre...tches vulnerability disclosure timeline out to 90 days
Cisco's decided it's going to give 90 days' grace on vulnerability disclosures, to let (mostly) commercial vendors catch up with their bug-fixes. While the best commercial vendors – especially those with bug bounties and a public pro-security stance – are getting better at responding to notifications, they're held back by …