Page History
...
The aforementioned report is one of many related white papers provided by the DoJ's Computer Crime and Intellectual Property section.
https://www.justice.gov/criminal-ccips/ccips-documents-and-reports
Disclose.io
disclose.io is a cross-industry, vendor-agnostic standardization project for safe harbor† best practices to enable good-faith security research.
Main web site: https://disclose.io/
Github repository with policy templates: https://github.com/disclose/disclose
Where to Look for More
Numerous organizations have already posted their vulnerability disclosure policies. A wide variety of these policies can be found by searching the web for "vulnerability disclosure policy," or "vulnerability disclosure program," or by browsing third-party vulnerability disclosure (e.g., bug bounty) service providers' hosted programs.
...
Panel | ||
---|---|---|
| ||
< Appendix D – - Sample Vulnerability Disclosure Document | Bibliography > |