Singapore | DrewTech Chapter 14: Red queen races – vulnerability disclosure programs

With increasing numbers of systems under siege, and greater scrutiny on security and data, companies may be interested in having security researchers report vulnerabilities to them rather than to have the vulnerabilities sold to the highest bidder on the dark web. This article will discuss the potential pitfalls of such a program as well as the relevant legal regimes that surround it.

Please click here to read more about the update.

If you missed any of the chapters in our DrewTech series, you can read them below: 

  1. Chapter 1: The Importance of an Exit Strategy in Tech Contracts
  2. Chapter 2: Employees, technology and a legal hangover - bring your own problems?
  3. Chapter 3: I host, you post, I get sued?
  4. Chapter 4: Diabolus ex machina - Artificial (un)Intelligence and liability
  5. Chapter 5: Bringing Hygiene Online - The MAS Notice on Cyber Hygiene
  6. Chapter 6: Signing without signing – contactless contracts
  7. Chapter 7: My Kingdom for a Horse – When your Systems are Held to Ransom
  8. Chapter 8: New risks in new skins - Updates to the Guidelines on Risk Management Practices – Technology Risk
  9. Chapter 9: Of blockchains and stumbling blocks
  10. Chapter 10: Service by airdrop - no parachutes required
  11. Chapter 11: Large language models and larger legal minefields
  12. Chapter 12: Beset on all sides – liability for data breaches 
  13. Chapter 13: Pitfalls of user-generated content. 

Get in touch

Rakesh Kirpalani

Director, Dispute Resolution & Information Technology / Chief Technology Officer
Read more