VDRs are a safe and secure method to share data and review it in a collaborative, easy-to-use environment. They can also assist companies comply with data privacy regulations like GDPR and CCPA.
The suggestion that software buyers receive a VDR is gaining ground. The latest SPDX SBOM standard, version 2.3 (K.1.9), includes provisions (K.1.9) that allow software companies to associate with a NIST VDR attestation for their product with an SBOM and thus make the VDR an “living” part of the SBOM. The NIST VDR attestation is linked in a variety of ways including via a URL, using the CycloneDX OWASP SBOM standard (which supports both VDR and VEX) or by direct links to other sources of information on vulnerability management such as GitHub repositories, or public feeds.
For example, airlines have been using Flight Data Recorders (FDR) for years to cut down on the risk of accidents on aircrafts and save lives. VDRs offer similar benefits, and the analysis of the data can improve the safety of passengers.
VDRs are used in many different ways by businesses, but they are most frequently used in M&A transactions, where both parties can conduct due diligence while negotiations are taking place. They can be utilized to share sensitive information during a project such as results of clinical trials or pharmaceutical research and development. AES encryption can increase the security of the VDR. This is the top level of encryption currently used next and is widely utilized by banks, government agencies and online banking.