Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
EmHa
Viewer
9 hours ago
9 hours ago

ISC2 Vulnerability Discloslosure

I'm trying to find ISC2's vulnerability disclosure program. I've discovered a suspicious behaviour, leading to information disclosure, in the learnzapp applications and would like to share the details responsibly.


I attempted to find the relevant contact by looking for the standard security.txt file, however...
- https://www.learnzapp.com/security.txt does not exist.
- https://www.isc2.org/security.txt reveals a link to ISC2's bugcrowd. The link is not working.
- Searching for ISC2 on bugcrowd reveals ISC2's public engangement, https://bugcrowd.com/engagements/isc2, which is closed and does not provide a way to submit a report.
- Finally, ISC2 is also present on HackerOne, https://hackerone.com/isc2. However, attempting to contact the security team leads back to the bugcrowd portal above...

 

I attempted to contact support - no response.


Therefore, I'd like you to point me to the right direction. Where can I find ISC2's (or learnzapp'2) vulnerability disclosure program? Thank you in advance.

Reply
0 Kudos
0 Replies