disclose.io

disclose.io

The infrastructure that powers vulnerability disclosure and security reporting. Safe, simple, and standardized for everyone.

Open source · vendor-neutral · home of the safe-harbor scoreboard.

Frequently asked questions

Got a quick question? Let's get you a quick answer

Partners and friends

Organizations that share our mission, and ways to engage with them

Security Research Legal Defense Fund logo

A 501(c)(3) nonprofit that helps fund legal representation for security researchers who face legal threats as a result of good-faith security research.

If you (or someone you know) is facing legal action for good-faith research, you can apply for a defense grant.

If you want to help keep the chilling effect in check, you can donate to the fund. Donations are tax-deductible.

The Hacking Games logo

A community and pipeline that helps unconventional thinkers (gamers, CTF players, and bug bounty hunters) turn their talents into legitimate cybersecurity careers.

If you've got the hacker mindset and are looking for a way in, join their Discord community.

If your organization wants to hire outside the traditional pipeline, work with them as a partner to connect with their talent pool.

Hackers on the Hill logo

An I Am The Cavalry initiative that brings security researchers face-to-face with policymakers. Founded in 2017 and now global.

Events run across the US and Europe throughout the year.

If you're a researcher who wants policymakers to hear from you directly, join the mailing list to get notified about upcoming events.

Why does disclose.io exist?

A couple of talks to get you started...

An intro to disclose.io and hacker safety

caseyjohnellis at HackerCon 2021

Hacking the Law - Are Bug Bounties a True Safe Harbor?

Amit Elazari at BSidesSF 2018

Hacking Policy and Policy Hacking

Amit Elazari at BSidesSF 2023

Leonard Bailey + Casey Ellis + Marten Mickos

Cybertalks 2017

Stay in the loop

Weekly cybersecurity-policy news in Policy Pulse, plus disclose.io community updates and safe-harbor developments.

Subscribe to the newsletter

Didn't find what you were looking for?

We're always happy to help answer your questions about vulnerability disclosure.