Vendor SIG Documents

Guidelines for VendorCoordinators relationship

This document "Guidelines for VendorCoordinators relationship" represents the best practice, as the industry sees it, in the area of product vulnerability coordination. More specifically it covers multi-vendor coordination on the world wide scale. If they would like to be used in other situations (e.g., only few vendors in same time zone) then they should be applied judiciously.

This document is product of collaboration of Vendor SIG members and external vulnerability coordinators. Coordinators that have been consulted in the production of this document are:

  • JPCERT/CC, Japan
  • FICORA, Finland
  • NISCC, United Kingdom

This guidelines will be updated as the area of product vulnerability matures and new experiences are gained. We are also welcoming any feedback you may have.

View the Guidelines for Vendor - Coordinators relationship in PDF format (148 KB)

You can send it to

Revision history

2006-Oct-19 Version 1.0 Initial public release

Internet Infrastructure Vendors SIG