Vulnerability Disclosure Platform – Public Disclosure Alert

Centralized Vulnerability Disclosure Platform

Centralized platform for reporting, managing, and coordinating vulnerabilities across your organization, ensuring secure and efficient handling with streamlined processes and enhanced collaboration.

Vulnerability reporting and management

CVE assignment and tracking

Disclosure policy creation tools

Designated national CSIRTs coordination

Our Journey Toward Stronger Cybersecurity

We enhance secure vulnerability management

Offering tools for efficient vulnerability reporting and management across your organization.

Promoting transparency and cybersecurity best practices

Helping organizations create and publish effective vulnerability disclosure policies.

Supporting collaboration among cybersecurity stakeholders

Enabling seamless coordination between organizations, researchers, and CSIRTs for improved security outcomes.

Offering accessible solutions for everyone

All Disclosure Alert platform features are completely free, ensuring full availability to all entities.

Coordinated Vulnerability Disclosure (CVD) has become an essential component of modern cybersecurity practices, especially for entities operating in sectors critical to the security and well-being of society. The NIS 2 Directive (Directive (EU) 2022/2555) underscores the importance of managing vulnerabilities in ICT products and services, urging entities to establish effective procedures for identifying, disclosing, and remedying vulnerabilities. This coordinated approach helps to mitigate the risks posed by cybersecurity threats and ensures that vulnerabilities are addressed swiftly and securely, minimizing the risk of exploitation by malicious actors. According to Article 26 of the directive, vulnerability management and disclosure are key components of a robust cybersecurity framework aimed at enhancing the security of network and information systems across the European Union.

Vulnerability Management Framework

Critical for mitigating cybersecurity threats and ensuring swift, secure handling of vulnerabilities under the NIS 2 Directive.

Secure Vulnerability Management

Entities must implement processes to identify, disclose, and mitigate vulnerabilities, ensuring protection against exploitation and threats.

NIS 2 Compliance

Effective and coordinated vulnerability disclosure is required under Article 26 to strengthen network and information systems across the EU.

Coordinated Vulnerability Disclosure

Implementing secure vulnerability management and national policies for NIS 2 Directive compliance while protecting researchers.

Vulnerability-Handling Procedures

Essential and important entities under NIS 2 must establish and implement robust procedures for internal vulnerability identification, mitigation, and collaboration with external parties.

National Policy Support

Member States, with ENISA’s support, must implement national policies on coordinated vulnerability disclosure to ensure secure reporting and protect researchers.

Entities subject to the NIS 2 Directive, particularly essential and important entities, have a clear obligation to establish vulnerability-handling procedures that not only allow for internal identification and mitigation but also foster collaboration with external parties, such as researchers or third-party security professionals. ENISA, the European Union Agency for Cybersecurity, recommends coordinated vulnerability disclosure as a best practice for improving the overall resilience of ICT systems and services. The directive mandates that Member States, in cooperation with ENISA, support the establishment of a national policy on coordinated vulnerability disclosure, as per Article 29, to encourage secure and responsible reporting of vulnerabilities, while protecting researchers from legal repercussions when acting in good faith.

Frequently Asked Questions

features, benefits, and functionality of the Disclosure Alert platform, guiding you on how to make the most of our services.

Learn More

How do I create a vulnerability disclosure policy on the platform?

We offer an intuitive online tool that guides you step-by-step through the process of creating a customized disclosure policy tailored to your organization’s needs.

What is the cost of using the Disclosure Alert platform?

Can I get a CVE identifier for reported vulnerabilities through your platform?

How does your platform help with coordination between CSIRTs

Do I need to be an Edgewatch customer to access the platform?

Have Questions?

Feel Free to Contact Us!

Our team is here to assist you with any inquiries about our platform, features, or services—reach out anytime for support.

Contact Info