+ 8

Responsible disclosure, bug bounties ($, fame), code folders

Professional pentesters often delay public disclosures, giving vendors response time before releasing findings/exploits. Many vendors even inventivize that, like the list here (~ 250 count): https://hackerone.com/bug-bounty-programs * Is there a SoloLearn disclosure policy? And, I've published accidentally--could feedback-related PoC's be a good reason for code folders? * Fun read: US DoD guarantees they won't prosecute if you follow the rules...but cannot promise their customers won't. Caveat emptor.

26th Mar 2017, 5:10 AM
Kirk Schafer
Kirk Schafer - avatar
2 Réponses
28th Mar 2017, 4:55 AM
Tashi N
Tashi N - avatar
+ 5
Alright. That's as close as it's going to be I think.
5th Apr 2017, 7:56 AM
Kirk Schafer
Kirk Schafer - avatar