In accordance with Section 101 and Title I of the SECURE Technology Act (P.L. 115-390), this policy provides security researchers with clear guidelines for (1) conducting vulnerability and attack vector discovery activities directed at Department of Homeland Security (DHS) systems and (2) submitting those discovered vulnerabilities. This policy has been developed in consultation with the Attorney General, the Secretary of Defense, the Administrator of GSA, and non-governmental security researchers.
|Vulnerability Disclosure Program Policy and Rules of Engagement||223.38 KB||12/22/2022|
|Vulnerability Disclosure Program Policy and Rules of Engagement - Plain Text||TXT||12.25 KB||12/22/2022|