How does it work
OpenCIRT acts as a "secure link" between ethical hackers and companies. We protect hackers' privacy as long as the vulnerabilities reported meet our Acceptable Hacking Policy, and we protect companies by making them aware of security issues in the most efficient, private, and responsible way.
Submit any vulnerability found in any public-facing system, as long as it meets our Acceptable Hacking Policy.
Our internal triage team makes sure the vulnerability is valid, impactful and well explained.
We notify all the parties involved in the most responsible way and make sure they take the necessary steps to fix and secure.
Congratz! You made the Internet safer. Plus, you get paid if the company spontaneously decides to reward your effort.