澳门开奖历史 Vulnerability Disclosure Program
?
About Our Effort
We take the security of our systems, assets, products, and platforms seriously, and we value the security community. The disclosure of security vulnerabilities and issues helps us ensure the security and privacy of our users. If you believe you have found a vulnerability in a 澳门开奖历史 public-facing system, asset, product, or platform, please submit the vulnerability information to 澳门开奖历史 through a communication method described below.
Frequently Asked Questions (FAQ)
How to report a security vulnerability?
If you believe you have found a security vulnerability in one of our public-facing systems, assets, products, or platforms please send it to us by submitting a report to the?澳门开奖历史 VDP. Please include the following details with your report:
- Description of the system, asset, product, or platform potentially impacted by the vulnerability.
- Potential impact of the vulnerability, and how the potential vulnerability was discovered.
- A detailed description, in English if possible, of the steps required to reproduce the vulnerability (POC scripts, screenshots, and compressed screen captures are all helpful to us).
- Your contact information.
All submissions must be made by sending to the email address above.
If valid, 澳门开奖历史 will confirm the receipt of your report within 3 business days of submission.
Is there a reward?
We currently do not financially compensate discoveries or bug bounties.
Can 澳门开奖历史 employees participate?
This vulnerability disclosure process is intended for use by non-澳门开奖历史 employees/contractors. 澳门开奖历史 employees/contractors should contact their Business Area Information Security Officer to report any vulnerabilities they discover.
Guidelines
Working With Us
We require that all researchers and reporters:
- Use the communication channels identified here to report vulnerability information to us.
- Comply with all applicable U.S. and Non-U.S. federal, state, and local laws and regulations, when conducting their research activities.
- Halt all activity, and notify 澳门开奖历史 immediately, if they encounter personal information/personal data.
- Do not exfiltrate, store, share, destroy, or otherwise compromise any 澳门开奖历史, customer, or any third-party data under any circumstances.
- Do not perform any action that can potentially degrade or stop our systems, assets, products, and platforms, e.g. denial of service (DoS/DDoS) testing.
- Not to exploit any potential vulnerability beyond the minimal amount of testing required to determine that a vulnerability or issue exists.
- Not utilize the findings, if reported or validated here, to enumerate or exploit 澳门开奖历史, other companies, or individuals.
- Disengage and avoid activity that could potentially harm 澳门开奖历史 employees, our customers, 澳门开奖历史, or any third parties.
- Keep information about any vulnerabilities you have discovered confidential between yourself and 澳门开奖历史 until we have had minimum 120 days to verify and resolve the issue. 澳门开奖历史 may extend this period, at its sole discretion, based on the complexity and or scope of the issue.
If you follow the guidelines listed above, 澳门开奖历史 will not pursue any legal action against you related to your research.
If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please submit a report through our official channels (Contact Lockeed Martin VDP) before going any further.
Expectations
When working with us according to this policy, you can expect us to:
- Acknowledge your report in a timely manner.
- Work with you to understand and validate your report.
- Address your findings at 澳门开奖历史 as deemed appropriate by our internal team.
- Work with you to address broader cybercrime based upon your findings, as appropriate.
- Maintain an open dialogue to discuss issues.
Safe Harbor
澳门开奖历史 considers security research and vulnerability disclosure activities conducted consistent with this policy to be “authorized” conduct under the Computer Fraud and Abuse Act and other applicable computer use laws. To promote disclosure under this policy, 澳门开奖历史 will not pursue civil or criminal action, or send notice to law enforcement for accidental or good faith violations of this policy. 澳门开奖历史, however, has the sole right to make the determination of whether a violation of this policy is accidental or in good faith.
You are expected, as always, to comply with all applicable US and international laws. If research involves information, applications, products, or services of a third party Lockheed-Martin cannot bind that third party, and they may pursue legal action or provide notice to law enforcement. 澳门开奖历史 does not authorize research in the name of other entities, and cannot in any way offer to defend, indemnify, or otherwise protect you from any third party action based on your actions.
澳门开奖历史 will review your report and determine if your findings are valid and not previously reported. Public disclosure of the details of any identified or potential vulnerability without express written consent will be considered as noncompliant with our submission guidelines and not protected by our Safe Harbor policies.
Secure Communication
To communicate with us in a verifiably secure manner as necessary, please contact us using PGP. Our fingerprint to verify our messages:?
2F9BE9D2D2F61D83528641407B04B468FED0DCA