‘Short, comprehensive, easy to understand safe harbor message’ is delivered
HackerOne has updated its policy guidelines to provide better protection from legal trouble for ethical hackers who operate in good faith.
The Gold Standard Safe Harbor (GSSH) asks customers who run hacker donation programs through HackerOne to agree to a “short, comprehensive, easy-to-understand statement about the safe harbor that makes it easy for customers to taking”.
Vulnerability and vulnerability programs often include safe harbor agreements that explain the legal protections that stakeholders can expect. These agreements vary, but by asking its customers to agree to a standard policy, HackerOne aims to reduce the bureaucratic cost of ethical hackers.
‘Lighten the load’
“Although many programs include a safe harbor in their policies, GSSH is concise, comprehensive, and easy to understand for consumers,” according to the security platform. “This standard will reduce the burden on users of filtering multiple content of content.”
The Gold Standard Safe Harbor was launched on Wednesday, November 16. Organizations that adhere to the GSSH will replace their Safe Harbor and GSSH information on their project page and select to digital signal. Candidates can filter searches for programs based on participation in the GSSH program.
KAYAK, GitLab Inc, and Yahoo were among the first customers to opt for the standard language of GSSH. GSSH is available for adoption by HackerOne customers worldwide although its language is closely aligned with US government cybersecurity policy updates, Daily Change will understand.
Stay up to date with reports and analysis on bug pricing
The first findings from HackerOne’s upcoming Hacker Report appear to warrant efforts to strengthen legal protections for hackers.
The report shows that more than half of hackers have not disclosed the vulnerability they have discovered, with 12% citing their decision not to disclose because of the threatening legal language used by the organization. who points in the bug. Another one in five (20%) said they refused to disclose the gift because it was difficult to manage beforehand.
The Gold Standard Safe Harbor aims to offer hackers ethical protection from threats and legal liability – as long as they are acting within the law.
Such protections are needed even as there is a growing awareness and appreciation of the work of ethical whistleblowers in business and government.
For example, the US Department of Justice recently revised its policy for prosecuting cases under the Computer Fraud and Abuse Act (CFAA) to increase hacking protections.
You might as well The US will revise its policies related to the Fraud and Cybercrime Act, which will not prosecute honest research