VULNERABILITY DISCLOSURE POLICY

A secure and streamlined channel for reporting vulnerabilities that impact your organisation

Dashboard VDP YesWeHack

ENABLE RESEARCHERS TO REPORT ANY VULNERABILITIES THEY FIND

With attack surfaces continuing to grow, organisations should help good-faith researchers notify them of any potential vulnerabilities they find in their digital assets. It’s up to IT teams to provide a secure, straightforward mechanism to facilitate this process.

YesWeHack provides a simple, secure, technical and legal framework for reporting potential vulnerabilities in your internet-facing assets – after which you can quickly take the appropriate action.

A Vulnerability Disclosure Policy, or VDP, is advocated by regulatory agencies such as NIST, ENISA and CISA and prescribed through standards ISO 29147 and ISO 30111.

Learn about bugs
before bad guys do

Facilitate reporting of potentially exploitable vulnerabilities before they are found and abused by malicious parties. Minimise time to detection and remediation by providing a secure channel for flagging potential security bugs.

Show you’re serious
about security

Demonstrate your organisation’s dedication to cybersecurity and build trust with customers, partners and other stakeholders. A VDP also fosters fruitful relationships with the security research community.

Streamline
communication

Don’t waste time sorting out irrelevant messages and false alarms. Focus your teams’ attention instead on addressing valuable and actionable reports and facilitating their internal distribution and management.

PROTECTING ANY ORGANISATION FROM SMALL BUSINESSES TO ENTERPRISES

Find out more about our product features

THE DIFFERENCES BETWEEN VDP AND BUG BOUNTY

VULNERABILITY DISCLOSURE POLICY
    BUG BOUNTY

      WHAT OUR CUSTOMERS SAY

      Having a Vulnerability Disclosure Program has provided us with a crucial and highly effective channel for communication with the external world.

      Cybersecurity Engineer at Europe’s leading consumer electronics retailer

      LAUNCH YOUR VDP TODAY

      Follow industry best practices by establishing a secure channel for Coordinated Vulnerability Disclosure