/disclose

Driving safety, simplicity, and standardization in vulnerability disclosure.

OtherNOASSERTION

disclose.io

Driving simplicity, safety, and standardization in vulnerability disclosure.

disclose.io is a collaborative and vendor-agnostic movement that engagements security researchers, corporate and independent legal experts, and industry leaders from all around the world.

The goal of the project is to support the accelerated the adoption of vulnerability disclosure best practices including bi-lateral safe harbor, readability for non-legal and non-native language audiences, and a recognizable mark of solidarity with the disclose.io movement.

Getting started

(Note: While we've engaged the legal opinion of many, this does not constitute legal advice. Please consult your legal counsel for the specific suitability of the disclose.io terms in your organization.)

  1. Choose the legal terms that best fit your vulnerabilty disclosure or bug bounty progam.
  2. Add the appropriate disclose.io logo to your public program brief.
  3. Submit a pull request to your program to the open-source disclose.io program list.
  4. Let the world know you're joining the movement! Here are some examples of others who have.
  5. Contribute back! We're looking for lawyers, hackers, and experts to collaborate. Check our issues log.

License

Creative Commons License
disclose by disclose.io is licensed under a Creative Commons Attribution 4.0 International License.