Is there a written security disclosure policy for Boost? As an example, is there a boost document that says all security vulnerabilities will be reported to NIST? If so, can someone point me to the disclosure form? I've seen in some documentation references to CVEs. Does this mean all security vulnerabilities are required to be submitted to NIST? Thanks, Mark [CONFIDENTIALITY AND PRIVACY NOTICE] Information transmitted by this email is proprietary to Medtronic and is intended for use only by the individual or entity to which it is addressed, and may contain information that is private, privileged, confidential or exempt from disclosure under applicable law. If you are not the intended recipient or it appears that this mail has been forwarded to you without proper authority, you are notified that any use or dissemination of this information in any manner is strictly prohibited. In such cases, please delete this mail from your records. To view this notice in other languages you can either select the following link or manually copy and paste the link into the address bar of a web browser: http://emaildisclaimer.medtronic.com
participants (1)
-
Feuer, Mark