Skip to content

Commit

Permalink
Create SECURITY.md
Browse files Browse the repository at this point in the history
  • Loading branch information
mtawadrousv authored Nov 16, 2023
1 parent 1f014b7 commit 3589e72
Showing 1 changed file with 19 additions and 0 deletions.
19 changes: 19 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# Our Commitment to Security

Veracode was founded on the idea that companies should be able to access technology that allows them to scan their software for vulnerabilities so that they can identify them, fix them and improve their security. Since that time, we have created new technologies and services to enable our customers to scan for flaws in along the entire software development lifecycle, seeing results in seconds or minutes, to allow them to code securely while also remaining on schedule with continuous release cycles.

Veracode envisions a world where the software fueling our economic growth and solving society's greatest challenges is developed secure from the start.

We value transparency in the security industry and openness with sharing information that could improve security for every organization. Veracode is committed to engaging the research community in a professional, positive and agreeable manner that protects our company and our customers.

As such, we encourage and welcome anyone who believes he or she has identified a vulnerability to contact us with security concerns or pertinent information to the integrity, functionality or confidentiality of our software.

The terms below apply to any website, application or service distributed by or hosted by Veracode, Inc.

Please use the email address [**[email protected]**](mailto:[email protected]?subject=Responsible%20Disclosure%20Notice&body=URL(s)/Application(s)%20Impacted:%0A%0ASuspected%20Vulnerability%20Details:%0A%0ADescription%20of%20how%20the%20Vulnerability%20was%20found:%0A%0AContact%20Information:%0A%0AAny%20other%20relevant%20information:%0A%0A) to alert us to:

- Vulnerabilities or breaches in our software or environments which threaten the confidentiality, integrity or availability of our data, software, or services, or our customers’ data
- Applications that mimic, mislabel, misdirect, or "copycat" Veracode, or phishing attacks even if they do not originate from Veracode sources
- Written or verbal discussion, activities, or data in any public forum which you believe constitutes a threat to Veracode, our employees or our customers

For more, please refer to our [**Responsible Disclosure Policy**](https://www.veracode.com/legal-privacy/responsible-disclosure-policy)

0 comments on commit 3589e72

Please sign in to comment.