In the field of computer security, independent researchers often discover flaws in software that can be abused to cause unintended behaviour, these flaws are called vulnerabilities. The process by which the analysis of these vulnerabilities is shared with third parties is the subject of much debate, and is referred to as the researcher’s disclosure policy.