Скачать или смотреть What is a Vulnerability Disclosure Policy (VDP)?

Every business needs a Vulnerability Disclosure Policy. Yes, you do, too.
A VDP provides a legally secure, structured framework for reporting vulnerabilities on a company's website, products or services. It ensures that those who report vulnerabilities are legally protected. In addition, a VDP showcases companies' commitment to security, by welcoming external examination - a reassuring gesture for partners and customers who value security.

YesWehack helps you build your own by providing you with a complete solution. YesWeHack provides its vast experience in working with ethical hackers, managing security vulnerabilities and its ISO 27001 certified infrastructure, and offers support in the following steps:

• Support in drafting the Policy’s text and commitments
• Support in creating the customer's VDP webpages, integrated into his domain
• Provision of a secure online reporting form for vulnerability reporting
• Secure encryption of reports in the browser via PGP encryption
• Traceability of submitted reports by anchoring the proof of deposit in a blockchain
• Optional: triaging received reports

Founded in 2013, YesWeHack is a global Bug Bounty & VDP Platform.
YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered), connecting more than 18 000 cyber-security experts (ethical hackers) across 120 countries with organisations to secure their exposed scopes and reporting vulnerabilities in their websites, mobile apps, infrastructure and connected devices.
YesWeHack runs private (invitation based only) programs, public programs and vulnerability disclosure policies (VDP) for hundreds of organisations worldwide in compliance with the strictest European regulations.

More details on www.yeswehack.com
#BugBounty #VDP #VulnerabilityDisclosurePolicy #ResponsibleDisclosure #security #crowdsourcedsecurity