...
If you have been told about an existing vulnerability case from a group already involved and believe that you should be involved, you can contact the coordinators to be added to the case. From the "Inbox", click the button "New Message" and choose "request for Vendor Access to a Case" from the "Why are you contacting us?" dropdown.
Researchers are typically added to the case by default and should not need to request access. If you do need to request access, you should follow the same steps outlined above.
Participating in the case discussion
other comms: pointer to comms, private thread, PM to coordinator
Attachments/artifacts
...
Giving a vendor statement
vul note/disclosure - be aware of vul note, review draft, comment/feedback, update vendor status, be aware that vul note is published
...