New Open Source Effort: Legal Code to Make Reporting Securit资料
本文为去找网小编(www.7zhao.net)为您推荐的New Open Source Effort: Legal Code to Make Reporting Security bugs Safer，希望对您有所帮助，谢谢！
The Disclose.io framework seeks to standardize "safe harbor" language for security researchers.
Not a week goes by without another major business or Internet service announcing a data breach. And while many companies have begun to adopt bug bounty programs to encourage the reporting of vulnerabilities by outside security researchers, they've done so largely inconsistently. That's the reason for , a collaborative and open source effort to create an open source standard for bug bounty and vulnerability-disclosure programs that protects well-intentioned hackers.
...Companies that manage bug bounties for large organizations, including HackerOne and Bugcrowd, have made their own efforts to get customers to standardize security terms. But these efforts haven't been translating into a wider adoption of those best practices—which is why Disclose.io was formed. The project has its roots in two separate-but-similar efforts being rolled into Disclose.io. The first is #LegalBugBounties, which is an effort started by Amit Elazari, a doctoral candidate at the University of California at Berkeley School of Law and a grantee of the university's . The second is , an effort launched in April by Bugcrowd and the law firm CipherLaw.
Read more at
以上为New Open Source Effort: Legal Code to Make Reporting Security bugs Safer文章的全部内容，若您也有好的文章，欢迎与我们分享！