Vulnerability reporting is tricky by nature - Every security issue is a snowflake, and the laws, languages, and people involved are unique every single time.
To compensate for this and help to make secure easy, and insecure (or bad practice) obvious, disclose.io focusses on these design principles:
| Legal completeness | Simplicity | Accessibility | Universally recognizable |
|---|---|---|---|
 |
 |
 |
 |
| Be useful & safe for security researchers while keeping legal teams happy. | Help set clear expectations for security researchers & program owners alike. | Easy to understand and hard to misinterpret, for as many people as possible. | The Green Padlock for Vulnerability Disclosure. |