Create SECURITY.md #8

Merged
merged 1 commit into from
Nov 16, 2023
19 changes: 19 additions & 0 deletions SECURITY.md
@@ -0,0 +1,19 @@
# Our Commitment to Security

Veracode was founded on the idea that companies should be able to access technology that allows them to scan their software for vulnerabilities so that they can identify them, fix them and improve their security. Since that time, we have created new technologies and services to enable our customers to scan for flaws in along the entire software development lifecycle, seeing results in seconds or minutes, to allow them to code securely while also remaining on schedule with continuous release cycles.

Veracode envisions a world where the software fueling our economic growth and solving society's greatest challenges is developed secure from the start.

We value transparency in the security industry and openness with sharing information that could improve security for every organization. Veracode is committed to engaging the research community in a professional, positive and agreeable manner that protects our company and our customers.

As such, we encourage and welcome anyone who believes he or she has identified a vulnerability to contact us with security concerns or pertinent information to the integrity, functionality or confidentiality of our software.

The terms below apply to any website, application or service distributed by or hosted by Veracode, Inc.

Please use the email address [**security-alerts@veracode.com**](mailto:security-alerts@veracode.com?subject=Responsible%20Disclosure%20Notice&body=URL(s)/Application(s)%20Impacted:%0A%0ASuspected%20Vulnerability%20Details:%0A%0ADescription%20of%20how%20the%20Vulnerability%20was%20found:%0A%0AContact%20Information:%0A%0AAny%20other%20relevant%20information:%0A%0A) to alert us to:

- Vulnerabilities or breaches in our software or environments which threaten the confidentiality, integrity or availability of our data, software, or services, or our customers’ data
- Applications that mimic, mislabel, misdirect, or "copycat" Veracode, or phishing attacks even if they do not originate from Veracode sources
- Written or verbal discussion, activities, or data in any public forum which you believe constitutes a threat to Veracode, our employees or our customers

For more, please refer to our [**Responsible Disclosure Policy**](https://www.veracode.com/legal-privacy/responsible-disclosure-policy)
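
Review bot: The reporting line ("Please use the email address ... to alert us to:") offers only a plain-text mailbox, so a reporter has no stated way to send vulnerability details confidentially and no indication of when to expect an acknowledgement. Consider adding a PGP key or other private channel and a response-time commitment at that point, or saying explicitly that the linked Responsible Disclosure Policy is where to find them. Two wording nits in the same hunk: "scan for flaws in along the entire software development lifecycle" in the first paragraph should read "flaws along", and the closing "For more, please refer to our ..." line is missing its final period.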