Latest vulnerability disclosure policy (VDP) news

VDPs – or Vulnerability Disclosure Programs – are established by organizations to provide a framework for responsibly reporting security vulnerabilities.

Typically comprising a scope, safe harbor clause, and remediation methods, they give security researchers reassurance that they can report security flaws without fear of legal consequences – and give organizations confidence that bugs will be uncovered and reported without giving attackers an inadvertent head start.

Financial rewards are not paid to researchers, but VDPs are often a precursor to organizations launching bug bounty programs.

Want more? Catch up with the latest VDP news here.