A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# You can report security issues on our site through our bugbounty program on HackerOne Contact: https://hackerone.com/ozon # Alternatively, you can use this e-mail address (but we make payments only through HackerOne, so if you want to recieve bounty, use HackerOne for reporting): Contact: security-report@ozon.ru # Other security questions, not connected to security bugs Contact: https://docs.ozon.ru/common/bezopasnost Acknowledgments: https://hackerone.com/ozon/thanks Preferred-Languages: en,ru Canonical: https://www.ozon.ru/.well-known/security.txt Policy: https://hackerone.com/ozon?view_policy=true Hiring: https://job.ozon.ru/
This policy crawled by Onyphe on the 2020-12-02 is sorted as securitytxt.
FireBounty © 2015-2024