Overview
documents the expectations for users of VINCE and coordinated vulnerability disclosure processes led by the CERT/CC.Table of Contents |
---|
Panel | ||||||
---|---|---|---|---|---|---|
| ||||||
Harassment: We define harassment as unwelcome or hostile behavior, including speech that intimidates, creates discomfort, or interferes with a person's participation or opportunity for participation; verbal threats or demands; degrading language; intimidation; harassing photography, screen shots, or audio or video recording; inappropriate physical contact; sexual imagery; unwelcome sexual attention; stalking; unsolicited physical contact; and sustained disruption of the coordination process, including case handling workflows, presentations, and other events. VINCE platform: The software service that the CERT/CC provides to enable its coordinated vulnerability disclosure practice. VINCE user: Any user of the VINCE platform, including CERT/CC analysts, researchers, vendors, and other participants. CERT/CC analyst: Individuals authorized to represent the CERT/CC within the VINCE platform. |
Responsibilities
is responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that the CERT/CC deems inappropriate, threatening, offensive, or harmful.CERT/CC and responsibility moderationNote |
---|
Choose from one of the following formulations in the final text. |
Persistent or recurring offenses from multiple members of an organization may result in consequences for the organization as well.
ReferencesOther corrective actions may include, but are not limited to:
- A private, written warning from the CERT/CC, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate.
- A warning with consequences for continued behavior.
- A temporary ban from use of VINCE for a specified period of time.
- A permanent ban from VINCE.