Defense Nuclear Facilities Safety Board - Vulnerability Disclosure Program

Enhancing the safety and security of our nation's most sensitive defense nuclear facilites!

  • Safe harbor
Submit report

We no longer offer point rewards for submissions on this program. Please refer to our blog post: How Bugcrowd sees VDPs and points for more details.

Program stats

  • Vulnerabilities accepted 3
  • Validation within about 15 hours 75% of submissions are accepted or rejected within about 15 hours

Latest hall of famers

View all 38

Recently joined this program

53 total

Disclosure

Please note: This program or engagement does not allow disclosure. You may not release information about vulnerabilities found in this program or engagement to the public.

Introduction

This policy describes what systems and types of research are covered under this policy, how to send vulnerability reports, and how long DNFSB asks security researchers to wait before publicly disclosing vulnerabilities.

DNFSB encourages members of the public to contact the agency to report potential vulnerabilities in agency systems.

Scope

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please submit through the Bugcrowd Support Portal. We will address your issue as soon as possible.

Learn more about Bugcrowd’s VRT.