This resource is no longer available
Bug bounty programs may capture the majority of headlines in hacker-powered security today, but organizations of all shapes and sizes must first open a channel for ethical hackers to alert them to potential vulnerabilities they find.
It’s called a vulnerability disclosure policy (VDP).
This article will answer the simple question of what a VDP is, what’s included in a good policy, which organizations have a VDP today, and which government agencies have published guidance on VDPs.
Read on to learn more today.