11/17/2020 |
Partner Reference |
Center for Democracy and Technology |
William T. Adler |
CDT Joins EFF, Other Experts in Open Letter on Election Security |
https://cdt.org/insights/cdt-joins-eff-other-experts-in-open-letter-on-election-security/ |
11/16/2020 |
Reference |
EFF |
EFF |
Elections Are Partisan Affairs. Election Security Isn’t. |
https://www.eff.org/deeplinks/2020/11/elections-are-partisan-affairs-election-security-isnt |
11/7/2020 |
Partner Reference |
aws.amazon.com |
AWS |
Disclose.io adoption |
https://aws.amazon.com/security/vulnerability-reporting/ |
10/28/2020 |
Press |
Threatpost |
Lindsey O’Donnell |
How the Pandemic is Reshaping the Bug-Bounty Landscape |
https://threatpost.com/pandemic-reshaping-bug-bounty-landscape/160644/ |
10/23/2020 |
Press |
VentureBeat |
Chris O’Brien |
How ethical hackers are trying to protect the 2020 U.S. elections |
https://venturebeat.com/2020/10/23/how-ethical-hackers-protect-2020-u-s-elections/ |
10/7/2020 |
Reference |
Senate.gov |
Blake Reid |
Are Reforms to Section 1201 Needed and Warranted? Responses to Questions for the Record |
https://www.judiciary.senate.gov/download/reid-responses-to-questions-for-the-record |
10/6/2020 |
Press |
Forbes |
Forbes Technology Council |
16 Software Development Trends That Will Soon Dominate The Tech Industry |
https://www.forbes.com/sites/forbestechcouncil/2020/10/06/16-software-development-trends-that-will-soon-dominate-the-tech-industry/?sh=42a4479a4aa3 |
9/26/2020 |
Press |
Threatpost |
Tom Spring |
Bug Bounty FAQ: Top Questions, Expert Answers |
https://threatpost.com/bug-bounty-faq/159569/ |
9/14/2020 |
Reference |
disclose.io |
J. Cable, J. Langevin, C. Ellis, et al. |
Response to Voatz’s Supreme Court Amicus Brief |
https://disclose.io/voatz-response-letter/ |
8/1/2020 |
Partner Reference |
Department of Homeland Security |
|
GUIDE TO VULNERABILITY REPORTING FOR AMERICA’S ELECTION ADMINISTRATORS |
https://www.cisa.gov/sites/default/files/publications/guide-vulnerability-reporting-americas-election-admins_508.pdf |
6/5/2020 |
Press |
The Daily Swig |
Adam Bannister |
Terms of engagement: US computer crime laws out of step with changing attitudes to pen tests, ethical hacking |
https://portswigger.net/daily-swig/terms-of-engagement-us-computer-crime-laws-out-of-step-with-changing-attitudes-to-pen-tests-ethical-hacking |
6/1/2020 |
Partner Reference |
dfat.gov |
Australian Government Dept of Foreign Affairs |
Public Consultation: responsible state behaviour in cyberspace in the context of international security |
https://www.dfat.gov.au/sites/default/files/compilation-norm-implantation-guidance.pdf |
4/24/2020 |
Talk |
Rapid7 |
Rapid7 |
Where Tech Meets Legal: Discussing Crowdsourced Security Testing |
https://www.rapid7.com/resources/security-nation-casey-ellis/ |
4/1/2020 |
Partner Reference |
ISMS |
Security Officer |
Responsible Disclosure Policy |
https://www.greenmini.nl/wp-content/uploads/2020/08/ISMS-ResponsibleDisclosurePolicy-020820.pdf |
1/1/2020 |
Reference |
Supreme Court |
Van Buren vs USA |
On Writ of Certiorari to the United States Court of Appeals for the Eleventh Circuit |
https://www.supremecourt.gov/DocketPDF/19/19-783/155055/20200928114834562_19-783ReplyBriefForPetitioner.pdf |
12/1/2019 |
Reference |
University of Nevada, Las Vegas |
Alex Hoffman |
Moral Hazards in Cyber Vulnerability Markets |
https://www.researchgate.net/publication/337667263_Moral_Hazards_in_Cyber_Vulnerability_Markets |
11/12/2019 |
Press |
CNBC |
Kate Fazzini |
Iowa paid a security firm to break into a courthouse, then arrested employees when they succeeded |
https://www.cnbc.com/2019/11/12/iowa-paid-coalfire-to-pen-test-courthouse-then-arrested-employees.html |
7/11/2019 |
Partner Reference |
Kaspersky |
Kaspersky |
Building trust together with Disclose.io |
https://www.kaspersky.com/blog/kaspersky-joins-disclose-io/27588/ |
7/1/2019 |
Partner Reference |
Kaspersky |
Kaspersky |
Update July 2019 |
https://www.kaspersky.com/transparency-center |
4/24/2019 |
Talk |
The Ethical Hacker Network |
J. Haddix, C. Messdaghi, D. Donzal |
SAFE HARBOR FOR HACKERS |
https://www.ethicalhacker.net/wp-content/uploads/eh-net_tv/eh-net_live/April2019/EH-Net_Live-April2019-Safe_Harbor_for_Hackers_Haddix_Messdaghi_Bugcrowd_Slide_Deck.pdf |
2/19/2019 |
Partner Reference |
GitHub Blog |
Phil Turnbull |
Five years of the GitHub Bug Bounty program |
https://github.blog/2019-02-19-five-years-of-the-github-bug-bounty-program/ |
1/31/2019 |
Partner Reference |
CLTC UC Berkeley |
Steve Weber & Ann Cleaveland |
2018 Annual Report |
https://cltc.berkeley.edu/wp-content/uploads/2019/03/2018_CLTC_Annual_Report.pdf |
1/29/2019 |
Press |
|
|
|
https://totalsecurityadvisor.blr.com/policies-training/open-source-collaborative-hopes-make-reporting-security-bugs-safer/ |
1/1/2019 |
Partner Reference |
Bugcrowd |
Bugcrowd |
Priority One The State of Crowdsourced Security in 2019 |
https://static.carahsoft.com/concrete/files/2215/7296/5388/Bugcrowd_Priority_One_Report_2019.pdf |
12/2018 |
Talk |
|
ENISA |
Economics of vulnerability disclosure |
https://www.enisa.europa.eu/publications/economics-of-vulnerability-disclosure/at_download/fullReport |
11/19/2018 |
Reference |
Journal of Cyber Policy |
Joss Meakins |
A zero-sum game: the zero-day market in 2018 |
https://www.tandfonline.com/doi/abs/10.1080/23738871.2018.1546883 |
10/17/2018 |
Reference |
NCCST |
|
The drafting of hacking missions uses contracts as a legal tool for information security management-nat.gov.tw |
https://download.nccst.nat.gov.tw/attachfilelaw/03._%E9%A7%AD%E5%AE%A2%E4%BB%BB%E5%8B%99%E7%9A%84%E6%93%AC%E5%AE%9A-%E4%BB%A5%E5%A5%91%E7%B4%84%E4%BD%9C%E7%82%BA%E8%B3%87%E5%AE%89%E7%AE%A1%E7%90%86%E7%9A%84%E6%B3%95%E5%BE%8B%E5%B7%A5%E5%85%B7.pdf |
9/5/2018 |
Press |
Threatpost |
Tom Spring |
The Vulnerability Disclosure Process: Still Broken |
https://threatpost.com/the-vulnerability-disclosure-process-still-broken/137180/ |
8/7/2018 |
Reference |
The Marshall Center |
|
Transnational Weekly |
https://globalnetplatform.org/system/files/transnationalweekly_issue30_07august2018.pdf |
8/3/2018 |
Press |
CyberScoop |
Zaid Shoorbajee |
Open source project looks to give legal safe harbor for ethical hackers |
https://www.cyberscoop.com/disclose-io-bug-bounty-safe-harbor/ |
8/3/2018 |
Press |
Washington Post |
Derek Hawkins |
The Cybersecurity 202: The law doesn’t protect ethical hackers. This new project could help close that gap. |
https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2018/08/03/the-cybersecurity-202-the-law-doesn-t-protect-ethical-hackers-this-new-project-could-help-close-that-gap/5b6330421b326b0207955ecb/ |
8/2/2018 |
Press |
Duo Decipher |
Fahmida Y. Rashid |
DISCLOSE.IO OFFERS SECURITY RESEARCHERS SAFE HARBOR |
https://duo.com/decipher/discloseio-offers-security-researchers-safe-harbor |
8/2/2018 |
Press |
ArsTechnica |
Sean Gallagher |
New Open Source Effort: Legal Code to Make Reporting Security bugs Safer |
https://arstechnica.com/information-technology/2018/08/new-open-source-effort-legal-code-to-make-reporting-security-bugs-safer/ |
8/2/2018 |
Press |
ZDNet |
Charlie Osborne |
Disclose.io: A safe harbor for hackers disclosing security vulnerabilities |
https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_elazari.pdf |
1/1/2018 |
Talk |
Usenix.org |
Amit Elazari |
The Law and Economics of Bug Bounties |
https://www.usenix.org/conference/usenixsecurity18/presentation/elazari-bar |
1/1/2016 |
Partner Reference |
Kaspersky Lab |
Eugene Kaspersky |
KASPERSKY FREE KEY |
https://media.kaspersky.com/ru/about/Biznes_i_tsennosti.pdf |
8/22/2014 |
Reference |
|
|
|
http://binaergewitter.herokuapp.com/2014/08/22/binaergewitter-talk-number-103-terrorpod/ |
7/28/2014 |
Press |
Infosecurity Magazine |
|
Bugcrowd Launches Open-source Disclosure Framework |
https://www.infosecurity-magazine.com/news/bugcrowd-launches-open-source-disclosure-framework/ |
7/25/2014 |
Press |
Help Net Security |
|
Open source responsible disclosure framework released |
https://www.helpnetsecurity.com/2014/07/25/open-source-responsible-disclosure-framework-released/ |
7/24/2014 |
Press |
Threatpost |
Dennis Fisher |
Bugcrowd Releases Open Source Vulnerability Disclosure Framework |
https://threatpost.com/bugcrowd-releases-open-source-vulnerability-disclosure-framework/107399/ |
7/24/2014 |
Press |
Jupiter Broadcasting |
|
|
https://www.jupiterbroadcasting.com/63062/9-days-to-patch-techsnap-172/ |
7/24/2014 |
Press |
SecurityWeek |
Eduard Kovacs |
Bugcrowd Releases Bug Bounty Program Framework |
https://www.securityweek.com/bugcrowd-releases-bug-bounty-program-framework |
7/24/2014 |
Press |
EDN |
EDN |
Bugcrowd Releases Open Source Responsible Disclosure Framework |
https://www.edn.com/bugcrowd-releases-open-source-responsible-disclosure-framework/ |
|
Partner Reference |
OWASP Foundation |
OWASP Team |
Vulnerability Disclosure Cheat Sheet |
https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html |
|
Partner Reference |
Google |
Google Engineering |
Creating Your VDP |
https://developers.google.com/android/play-protect/starting-a-vdp/docs/creating-your-vdp?hl=ja |
|
Partner Reference |
MITRE |
MITRE |
|
https://cve.mitre.org/cve/cna/rules.html |
|
Partner Reference |
CERT.org |
CERT.org |
|
https://vuls.cert.org/confluence/plugins/viewsource/viewpagesrc.action?pageId=47677527 |
|
Partner Reference |
Kaspersky |
Kaspersky |
KASPERSKY GLOBAL TRANSPARENCY INITIATIVE |
https://www.kaspersky.com/transparency-center |
|
Press |
eWeek |
eWeek |
|
https://www.eweek.com/web/index.php/security/security-legal-groups-aim-to-make-software-flaw-disclosure-easier |
|
Press |
glitchwitch.io |
glitchwitch.io |
Working with Hackers |
https://glitchwitch.io/assets/img/blog/7/working-with-hackers.pdf |
|
Reference |
GitHub |
Bugcrowd and Cipherlaw |
Welcome to the Open Source Vulnerability Disclosure Framework |
https://github.com/bugcrowd/disclosure-policy |