1 Oct
2014
1 Oct
'14
5:16 p.m.
On 10/01/2014 02:59 PM, Todd Underwood wrote:
read: http://www.xenproject.org/security-policy.html
they have a sensible, commonly used security policy that involves private notification to large customers in advance where it is practical and there is not evidence of ongoing exploits in the wild.
this is kind of incident handling 101 and shouldn't be surprising to anyone.
You don't have to be that large to get on the list.