A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# PSIRT manages Product, Website, Secrets / Tokens Vulnerabilities Contact: https://www.ibm.com/trust/security-psirt Contact: https://hackerone.com/ibm?type=team Contact: mailto:psirt@us.ibm.com Encryption: https://ibm.ent.box.com/s/gxyniavjpmqj6bnn3gsssirzbp6bmn8p Acknowledgements: https://www.ibm.com/blogs/psirt/ibm-acknowledgement/ Expires: 2023-03-31T12:00+0000
This policy crawled by Onyphe on the 2023-07-01 is sorted as securitytxt.
FireBounty © 2015-2024