A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# PSIRT manages Product, Website, Secrets / Tokens Vulnerabilities Contact: https://www.ibm.com/trust/security-psirt Contact: https://hackerone.com/ibm?type=team Contact: mailto:psirt@us.ibm.com Encryption: https://ibm.ent.box.com/s/gxyniavjpmqj6bnn3gsssirzbp6bmn8p Acknowledgments: https://www.ibm.com/blogs/psirt/ibm-acknowledgement/ Expires: 2024-09-01T00:00+00:00
This policy crawled by Onyphe on the 2021-11-03 is sorted as securitytxt.
FireBounty © 2015-2024