An official website of the United States government
Here's how you know
A .gov website belongs to an official government organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Press Release | Dec. 6, 2021

Cybersecurity Speaker Series: The Value of Vulnerability Disclosure

FORT MEADE, Md.   –   The NSA Cybersecurity Collaboration Center released the 3rd video in its Cybersecurity Speaker Series today, focusing on the value of disclosing NSA-discovered vulnerabilities, and the decision making process behind these disclosures. The Cybersecurity Speaker Series highlights NSA experts that share their insights, lessons, and contributions of their work in cybersecurity. 

In today’s video, NSA Cybersecurity Technical Director, Neal Ziring, and Christen, another technical leader, sat down with Cybersecurity Technical Fellow, Dr. Josiah Dykstra to discuss how NSA uses vulnerability research to protect the nation, and the government makes the decision to share vulnerabilities with companies.

“You really can often distill it down to the basic question, which is: ‘What is best for the nation?’” said Christen.
NSA was awarded a Pwnie Award for the best Cryptographic Vulnerability in recognition of NSA’s disclosure of a vulnerability in Microsoft Windows.

 Ziring, credits this to NSA’s talented vulnerability researchers.

“I was just so impressed with how the expert that found it had combined deep understanding of how public key cryptography works with how a modern operating system employs that cryptography,” said Ziring.

To hear more about NSA’s vulnerability research and disclosure, view the full video here.

If you think you have what it takes to join NSA’s team, which includes some of the top vulnerability researchers in the nation, visit www.intelligencecareers.gov/nsa.

NSA releases timely, actionable cybersecurity guidance as part of its mission to secure the Department of Defense (DoD), National Security Systems (NSS), and Defense Industrial Base (DIB). To read NSA’s guidance resulting from vulnerability disclosures and more, visit NSA’s library of cybersecurity advisories and technical guidance.