Vulnerability Disclosure Program (VDP)
What Is a Vulnerability Disclosure Program (VDP)?
A Vulnerability Disclosure Program (VDP) is a process by which an organization invites external security researchers to report vulnerabilities in their software or systems. The purpose of a VDP is to encourage responsible disclosure of vulnerabilities by providing a clear and safe channel for security researchers to report vulnerabilities and work with the organization to fix them.
A VDP improves a business's security posture by involving the cybersecurity community. Any researcher can submit a report via a platform that simplifies program scope, ranks vulnerabilities by magnitude, and monitors remediation progress. By supporting the disclosure and remediation of flaws, a company can mitigate risks before they are exploited by a cybercriminal.
VDPs are becoming increasingly popular as more organizations recognize the importance of working with the security research community to identify and address vulnerabilities before they can be exploited by attackers. By implementing a VDP, organizations can improve their security posture and build trust with their customers and stakeholders.
In view of this, the Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force partners with Cyberbay to co-organise the BugHunting Campaign to help protect your business and to supercharge your cybersecurity posture via a Bug Bounty service. Click HERE for campaign details.