Skip to content

Commit

Permalink
Update SECURITY.md to reference bug bounty program (Issue #314) (#327)
Browse files Browse the repository at this point in the history 
* Pass minify parameter so minimization will happen in build.

* Demo app only takes -sh.01 and no-op execute in production mode

* Update SECURITY.md to reference bug bounty program.
  • Loading branch information
@ErikMHummel
ErikMHummel authored and Daniel Brain committed May 9, 2017
1 parent c23a49a commit e91870b
Showing 1 changed file with 12 additions and 6 deletions.
18 changes: 12 additions & 6 deletions SECURITY.md
View file
@@ -1,15 +1,21 @@
# Security Policy

We take security very seriously and ask that you follow the following process.
At PayPal, we take security very seriously. If you have found a security bug with PayPal, we ask that you follow the below process to share security bugs with us in a responsible way. This process allows us to review and resolve the issue and keep our customers safe while providing you public recognition for the submission.

## PayPal Bug Bounty Program

## Contact us
If you think you may have found a security bug we ask that you privately send the details to DL-PP-Kraken-Js@ebay.com. Please make sure to use a descriptive title in the email.
PayPal runs a bug bounty program that provides monetary awards for significant findings. If you have found a security bug, please visit the site and follow the submission process to responsibly report the bug to PayPal.

[https://www.paypal.com/bugbounty/](https://www.paypal.com/bugbounty/)

Quarterly, we recognize the top-10 security researchers who have had confirmed bug reports submitted through the program on our [PayPal Bug Bounty Wall of Fame](https://www.paypal.com/us/webapps/mpp/security-tools/wall-of-fame). We do this to publically recognize the researchers for the hard work they have done, and also to show them respect for responsibly reporting security bugs through the program.

## Expectations
We will generally get back to you within **24 hours**, but a more detailed response may take up to **48 hours**. If you feel we're not responding back in time, please send us a message *without detail* on Twitter [@kraken_js](https://twitter.com/kraken_js).
Please read the [program terms for full details](https://www.paypal.com/webapps/mpp/security-tools/reporting-security-issues) about the submission process and eligibility for monetary awards.

## Contact us

If you have questions about the bug bounty program, reach out to us at [ppbugbounty@paypal.com](mailto:ppbugbounty@paypal.com).

## History
No reported issues

No reported issues for this project.

0 comments on commit e91870b

Please sign in to comment.