VDP (Vulnerability Disclosure Policy)
Products
Information
A VDP provides a legally secure, structured framework for reporting vulnerabilities on a company's website, products or services. It ensures that those who report vulnerabilities are legally protected. In addition, a VDP showcases companies' commitment to security, by welcoming external examination - a reassuring gesture for partners and customers who value security.
YesWehack helps you build your own by providing you with a complete solution. YesWeHack provides its vast experience in working with ethical hackers, managing security vulnerabilities and its ISO 27001 certified infrastructure, and offers support in the following steps:
• Support in drafting the Policy’s text and commitments
• Support in creating the customer's VDP webpages, integrated into his domain
• Provision of a secure online reporting form for vulnerability reporting
• Secure encryption of reports in the browser via PGP encryption
• Traceability of submitted reports by anchoring the proof of deposit in a blockchain
• Optional: triaging received reports
