DarkHorse
About
About
About
Principles
Definitions
Docs
Blog
Contact
Compare
Policies
Tester Code of Conduct / Expectations
General T&Cs
Disclosure Policy
Privacy Policy
Products
Fractional Testing
VDP
Pentesting
Bug Bounty
Pricing The List Login Register

Engagement Summary



QuikLinks

Introduction
Testing Guidance
Asset List
Notes

Methodology Checklist

Your Submissions

Test / Demo VDP



Status: Live
Start Date: July 1, 2024, 10:52 p.m.

Introduction

This is a demo program for testing out submitting findings or any other activities testers or other individuals may need a demo program for.

Testing Guidance

This Responsible Vulnerability Disclosure Program is a submission portal where you can responsibly report security vulnerabilities that you've identified against assets belonging to our organization.

Note that reporting vulnerabilities here does not entitle the reporter to any compensation. It is also requested that as part of your responsible disclosure, if you intend to publish your work here, that you work with us to coordinate on timing, patching, and so forth - so as to not jeopardize our organization or userbase.

If you have any questions, please reach out, and we'll do our best to reply.

Note that this form is only for reporting security vulnerabilities. Please DO NOT submit any support inquiries, UI/UX issues, etc. Furthermore, please DO NOT include any sensitive information in your report (personal emails, account numbers, credit cards, etc). Thank you for helping keep us and the internet secure!

Assets

Default Target Group

Asset: Demo VDP
Location: Any asset demonstrably belonging to Demo VDP

Notes

Notes for tester:
Please submit test reports, etc to this program, as opposed to creating noise for other organizations. Thanks!

Safe Harbor

When conducting vulnerability research, according to this policy, we consider this research conducted under this policy to be:

  • Authorized concerning any applicable anti-hacking laws, and we will not initiate or support legal action against you for accidental, good-faith violations of this policy;
  • concerning any relevant anti-circumvention laws, and we will not bring a claim against you for circumvention of technology controls;
  • Exempt from restrictions in our Terms of Service (TOS) and/or Acceptable Usage Policy (AUP) that would interfere with conducting security research, and we waive those restrictions on a limited basis; and
  • Lawful, helpful to the overall security of the Internet, and conducted in good faith.
You are expected, as always, to comply with all applicable laws. If legal action is initiated by a third party against you and you have complied with this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.

If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please submit a report through one of our Official Channels before going any further.

Note that the Safe Harbor applies only to legal claims under the control of the organization participating in this policy, and that the policy does not bind independent third parties.


© 2024 DarkHorse Security, LLC. DarkHorse: Let's Ride. All rights reserved. CURRENTLY IN OPEN BETA | Need Help?