Vulnerabilities can be caused by several factors, including design and development flaws, misconfiguration, and operational processes. Vulnerability disclosure refers to the process of identifying, reporting, and patching these weaknesses of software, hardware, or services. With mVDP, we help you get alerts on security vulnerabilities from independent security researchers or your customers before cybercriminals exploit these bugs.

We help you to establish a process to identify and prioritize vulnerabilities.

{Main benefits}

Know your weaknesses

Enable the ethical hacker community to report vulnerabilities regarding your company that may have otherwise been unreported.

Prevent data breach

By fixing the reported security bugs, you will be able to prevent a serious data breach.

Validated reports

With a professional security team, we will help you to reduce the resources needed for managing reports.

We help you to set up your Vulnerability Disclosure Policy (VDP). Secure your product in four steps:

  1. Set up your VDP
  2. We help you to specify the content of your VDP. In the first step, we ensure safe harbor practices in your VDP and legal safeguards for security researchers working in good faith to identify and report vulnerabilities.
  3. Publish our form on your website
  4. To use our platform for receiving vulnerability reports, we help you to embed the Hackrate submission form on your website. Important: VDP is only published on your website; active security testing is not encouraged.
  5. Receive validated reports
  6. The ethical hackers provide information on the vulnerability through a secure online form, and our team validates all incoming submissions before you receive them. In addition, our structured vulnerability report form improves the quality of the reports.
  7. Fix the vulnerabilities
  8. In the last step, you can start removing or mitigating the reported vulnerabilities. We manage the entire process, including helping you in communication with ethical hackers.

{Set up your VDP with us}

Our platform ensures end-to-end encryption of reports and the whole VDP process is made to follow the two ISO standards related to vulnerability management (ISO/IEC 29147: Vulnerability disclosure and ISO/IEC 30111: Vulnerability handling processes).

Start your VDP today

To get more information about other services, please visit PenTest as a Service and Bug Bounty Program.

Our Missions

Our platform helps companies to identify software vulnerabilities in a cost-efficient way. It provides a secure and centralized view of ethical hacking projects for your company.

Oxo Cybersecurity Lab

Hackrate Bug Bounty Platform |
2022 ©