官术网_书友最值得收藏!

Conduct guidelines

This section gives details about what a researcher should specifically never do when finding vulnerabilities in the program. It is a notification paragraph, stating that while the disclosure of vulnerabilities is highly appreciated, there are certain things that the researchers should not do, such as:

  • Disclose any vulnerabilities or suspected vulnerabilities discovered to any other person
  • Disclose the contents of any submission to the program
  • Access private information of any person stored on a program's product
  • Access sensitive information
  • Perform actions that may negatively affect the program's users
  • Conduct any kind of physical attack on the organization's personnel, property, or data centers
  • Socially engineer any employee or contractor
  • Conduct vulnerability testing of participating services using anything other than test accounts
  • Violate any laws or breach any agreements in order to discover vulnerabilities
主站蜘蛛池模板: 定结县| 泽普县| 古田县| 泸州市| 保康县| 赤城县| 巴南区| 峨边| 阿城市| 南开区| 万年县| 闵行区| 临猗县| 隆化县| 阳东县| 彭州市| 水富县| 西安市| 保亭| 蒙山县| 邛崃市| 同仁县| 佛坪县| 屯昌县| 梅河口市| 安新县| 乌拉特中旗| 平遥县| 渝中区| 湟源县| 岢岚县| 仁布县| 元阳县| 内黄县| 宁远县| 巴青县| 文成县| 陇西县| 桂阳县| 新兴县| 邵阳县|