1 article
Pwn2Own's 90-day coordinated disclosure rule gives vendors time to patch before technical details are made public. For enterprise defenders, the same 90 days is a known timeline during which the confirmed existence of specific zero-days — but not their technical details — is public. Understanding how to use that window is an underexplored aspect of enterprise vulnerability management.