Coordinated vulnerability disclosure policy

Purpose

Your organization operates, or is at least responsible for, public services that can be attacked by anyone, and by hackers in particular.

These services are the primary targets of attackers who use the public Internet to attack your organization.

Testing such services without the owner's permission (often called penetration testing, PenTest or security auditing) is prohibited by law and is considered hacking.

The "Coordinated vulnerability disclosure policy" allows security researchers and others to report weaknesses to your organization.

The principle is that it is better to be informed about weaknesses by people with good intentions who look for them than to be hit by hackers.

How

Create the policy

  • On your dashboard, select Add a policy
  • Select "Coordinated vulnerability disclosure policy"

Publishing on the website

  • The webmaster links to the policy from every website to which it applies.
  • The webmaster creates the "security.txt" file on the website, as described under "Actions" in the unit.
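The security.txt file is what tells a researcher where to report and where the policy lives. The following is an added example, not code from the page or from Co-Dex.eu: it builds a minimal security.txt with the fields that matter for a disclosure policy (Contact, Expires, Policy, Acknowledgments for the Wall of Fame, Canonical) and then checks the file the way a researcher's tooling would, following RFC 9116. The mailbox, URLs and dates are constructed placeholders on example.org; substitute your own.

```python
"""Build and sanity-check a security.txt (RFC 9116) that points at a CVD policy."""
from datetime import datetime, timedelta, timezone

# Constructed values for this example; replace them with your organization's own.
CONTACT = "mailto:security@example.org"                  # assumed reporting mailbox
POLICY_URL = "https://example.org/cvd-policy"            # assumed page carrying the policy
ACK_URL = "https://example.org/wall-of-fame"             # assumed Wall of Fame page
CANONICAL_URL = "https://example.org/.well-known/security.txt"

REQUIRED_FIELDS = ("Contact", "Expires")      # RFC 9116: both must be present


def _parse_time(value):
    """Parse an RFC 3339 timestamp ('Z' or numeric offset) into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def build_security_txt(contact, policy_url, ack_url, canonical_url, expires):
    """Return the file text; `expires` is an RFC 3339 timestamp such as 2021-04-01T00:00:00Z."""
    lines = [
        "# Coordinated vulnerability disclosure policy: see the Policy URL below",
        f"Contact: {contact}",
        f"Expires: {expires}",
        f"Policy: {policy_url}",
        f"Acknowledgments: {ack_url}",
        f"Canonical: {canonical_url}",
        "Preferred-Languages: en",
    ]
    return "\n".join(lines) + "\n"


def parse_security_txt(text):
    """Map each field name to the list of its values; comments and blank lines are skipped."""
    fields = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed line: {raw!r}")
        fields.setdefault(name.strip(), []).append(value.strip())
    return fields


def check_security_txt(text, now=None):
    """Return a list of problems (empty means the file passes); `now` is an RFC 3339 string."""
    now_dt = _parse_time(now) if now else datetime.now(timezone.utc)
    fields = parse_security_txt(text)
    problems = [f"missing required field {f}" for f in REQUIRED_FIELDS if f not in fields]
    if len(fields.get("Expires", [])) > 1:
        problems.append("Expires must appear exactly once")
    for contact in fields.get("Contact", []):
        # RFC 9116 wants a URI; a bare e-mail address without mailto: is the common mistake.
        if not contact.startswith(("mailto:", "https://", "tel:")):
            problems.append(f"Contact must be a mailto:, https:// or tel: URI, got {contact!r}")
    for exp in fields.get("Expires", []):
        try:
            when = _parse_time(exp)
        except ValueError:
            problems.append(f"Expires is not an RFC 3339 timestamp: {exp!r}")
            continue
        if when.tzinfo is None:
            problems.append(f"Expires lacks a timezone: {exp!r}")
        elif when <= now_dt:
            problems.append(f"file expired on {exp}; researchers may treat it as stale")
    return problems


if __name__ == "__main__":
    # Expire in 90 days so the file has to be refreshed along with the policy review.
    expiry = (datetime.now(timezone.utc) + timedelta(days=90)).strftime("%Y-%m-%dT%H:%M:%SZ")
    text = build_security_txt(CONTACT, POLICY_URL, ACK_URL, CANONICAL_URL, expiry)
    print(text)
    print("problems:", check_security_txt(text) or "none")
```

Publish the result at https://<your-site>/.well-known/security.txt over HTTPS, and re-run the check whenever the policy or the contact mailbox changes: an expired file, or a Contact that is not a URI, is the most common reason researchers fall back to guessing an address.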

Follow-up of reports

  • Make sure that the mailbox or channel you use to receive reports is handled in a timely manner
  • By default this is the person within the organization who is responsible for data protection
  • Reports can be monitored and evaluated in Co-Dex.eu
  • Wall of Fame entries are managed in the unit
    • When saving, only the entries for which permission is set to "Yes" are published

Publishing successful reports

If your organization uses, or wants to use, a Wall of Fame (hall of fame), it serves to give recognition to the security researchers whose reported findings have been validated.

  • The webmaster provides a page that lists the "Wall of Fame"
  • Attributes shown on the wall: name, date, short description
Last modified: Thursday, 31 December 2020, 11:47 AM