Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update SECURITY.md to reference bug bounty program (Issue #314) (#327)
* Pass minify parameter so minimization will happen in build. * Demo app only takes -sh.01 and no-op execute in production mode * Update SECURITY.md to reference bug bounty program.
- Loading branch information
1 parent
c23a49a
commit e91870b
Showing
1 changed file
with
12 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,15 +1,21 @@ | ||
# Security Policy | ||
|
||
We take security very seriously and ask that you follow the following process. | ||
At PayPal, we take security very seriously. If you have found a security bug with PayPal, we ask that you follow the below process to share security bugs with us in a responsible way. This process allows us to review and resolve the issue and keep our customers safe while providing you public recognition for the submission. | ||
|
||
## PayPal Bug Bounty Program | ||
|
||
## Contact us | ||
If you think you may have found a security bug we ask that you privately send the details to DL-PP-Kraken-Js@ebay.com. Please make sure to use a descriptive title in the email. | ||
PayPal runs a bug bounty program that provides monetary awards for significant findings. If you have found a security bug, please visit the site and follow the submission process to responsibly report the bug to PayPal. | ||
|
||
[https://www.paypal.com/bugbounty/](https://www.paypal.com/bugbounty/) | ||
|
||
Quarterly, we recognize the top-10 security researchers who have had confirmed bug reports submitted through the program on our [PayPal Bug Bounty Wall of Fame](https://www.paypal.com/us/webapps/mpp/security-tools/wall-of-fame). We do this to publically recognize the researchers for the hard work they have done, and also to show them respect for responsibly reporting security bugs through the program. | ||
|
||
## Expectations | ||
We will generally get back to you within **24 hours**, but a more detailed response may take up to **48 hours**. If you feel we're not responding back in time, please send us a message *without detail* on Twitter [@kraken_js](https://twitter.com/kraken_js). | ||
Please read the [program terms for full details](https://www.paypal.com/webapps/mpp/security-tools/reporting-security-issues) about the submission process and eligibility for monetary awards. | ||
|
||
## Contact us | ||
|
||
If you have questions about the bug bounty program, reach out to us at [ppbugbounty@paypal.com](mailto:ppbugbounty@paypal.com). | ||
|
||
## History | ||
No reported issues | ||
|
||
No reported issues for this project. |