https://disclose.io/framework/practices/Recent content in Framework — Practices on disclose.ioHugoen-ushttps://disclose.io/framework/practices/good-faith-security-research/Mon, 01 Jan 0001 00:00:00 +0000https://disclose.io/framework/practices/good-faith-security-research/Originally published by NextJenSecurity, 2026. TL;dr Laws and policies that address the security of online systems should support research activities that are undertaken to benefit society by deterring the trespass of online systems and the theft or destruction of data. In reality, however, often this is not the case, and security researchers face enormous personal risk of criminal prosecution or civil litigation. Lawmakers, law enforcement, and systems operators face challenges distinguishing between beneficial, good faith security research and activities conducted with criminal intent, which can result in unwarranted claims being leveled against legitimate security research.