A few words about VDP - Vulnerability Disclosure Program

In the past year, the U.S. Federal Trade Commission (FTC) and Department of Justice (DOJ)  have released guidance outlining the need for vulnerability disclosure programs (VDP).  With support from major legislative bodies like the National Institute of Standards and Technology, widespread adoption of vulnerability disclosure programs is expected and necessary in the coming years. 

A vulnerability disclosure program offers a secure channel for researchers to report security issues and vulnerabilities, and typically includes a framework for intake, triage, and workflows for remediation.

 

For more information, please read Bugcrowd’s overview about VPDs at the following article:

https://www.bugcrowd.com/blog/whats-a-vulnerability-disclosure-program/