As software gets embedded in more and more things we use every day, the problem of software vulnerability reporting and patching rises in importance. Unfortunately, only a few European countries have put vulnerability disclosure processes in place.

CEPS, a ​think tank and ​forum for debate on EU affairs, has delved in the problematics, listened to industry experts, academics, representatives of EU and international institutions and civil society, and has come up with recommendations on how to improve software vulnerability disclosure in Europe.