Driving simplicity, safety, and standardization in vulnerability disclosure.
disclose.io is a collaborative and vendor-agnostic movement that engages security researchers, corporate and independent legal experts, and industry leaders from all around the world.
The goal of the project is to support the accelerated adoption of vulnerability disclosure best practices including bi-lateral safe harbor, readability for non-legal and non-native language audiences, and a recognizable mark of solidarity with the disclose.io movement.
(Note: While we've engaged the legal opinion of many, this does not constitute legal advice. Please consult your legal counsel for the specific suitability of the disclose.io terms in your organization.)
- Choose the legal terms that best fit your vulnerabilty disclosure or bug bounty progam.
- Add the appropriate disclose.io logo to your public program brief.
- Submit a pull request to add your program to the open-source disclose.io program list.
- Let the world know you're joining the movement! Here are some examples of others who have.
- Contribute back! We're looking for lawyers, hackers, and experts to collaborate. Check our issues log.
disclose by disclose.io is licensed under a Creative Commons Attribution 4.0 International License.