U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. News
  3. Publication Library
  4. Vulnerability Disclosure Program Policy and Rules of Engagement

Vulnerability Disclosure Program Policy and Rules of Engagement

In accordance with Section 101 and Title I of the SECURE Technology Act (P.L. 115-390), this policy provides security researchers with clear guidelines for (1) conducting vulnerability and attack vector discovery activities directed at Department of Homeland Security (DHS) systems and (2) submitting those discovered vulnerabilities. This policy has been developed in consultation with the Attorney General, the Secretary of Defense, the Administrator of GSA, and non-governmental security researchers.

Attachment Ext. Size Date
Vulnerability Disclosure Program Policy and Rules of Engagement PDF 223.38 KB 12/22/2022
Vulnerability Disclosure Program Policy and Rules of Engagement - Plain Text TXT 12.25 KB 12/22/2022
Last Updated: 05/04/2023
Was this page helpful?
This page was not helpful because the content