YesWeHack helps organisations create a Vulnerability Disclosure Policy

Oct 6, 2020

Governmental bodies around the world are actively promoting the benefits of having a Vulnerability Disclosure Policy (VDP) to reduce the risks of cyber-attacks.

Last month, the National Cyber Security Center published guidelines to businesses, addressing the benefits and urgency of having a vulnerability disclosure policy in place to reduce the risk of cyber-attacks. But only a few companies have such a policy. 

YesWeHack, Europe's leading Bug Bounty platform, supports companies through every step of setting up a Vulnerability Disclosure Policy (VDP). They help to craft the contents of the VDP, create a VDP webpage, and set up a structured form for submitted reports. Companies benefit by receiving higher-quality reports on their security vulnerabilities and spending less time on irrelevant reports and internal vulnerability management.

Secure Framework for Coordinated Reporting Of Cyber Security Vulnerabilities

There are many ethical hackers who are willing to report vulnerabilities to companies, and help them be more resilient against attacks. Unfortunately, they were often misunderstood in the past as bad actors who were attempting to attack companies. Hence, without a formal VDP, many goodwill hackers will no longer run the risk of reporting vulnerabilities informally, and companies would miss out on valuable information for their security management.


Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023