chore(security): APPSEC-705 Add SECURITY.md (#624)
<!-- Ticket number or summary of work -->
# [APPSEC-705]


## What changed?
* Adding SECURITY.md

## Release notes draft
Adding file so that security researchers know where to report if a
vulnerability was found on this repository.

ping @bc-traciporter 

[APPSEC-705]:
https://bigcommercecloud.atlassian.net/browse/APPSEC-705?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ
bc-donfran authored Nov 2, 2024
1 parent 9669d08 commit 04f5099
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions SECURITY.md
@@ -0,0 +1,11 @@
# Reporting security issues
BigCommerce is dedicated to the responsible disclosure of security vulnerabilities.
If you have found a security vulnerability in an active open-source repository created and owned by BigCommerce, please report it to our [public bug bounty program](https://bugcrowd.com/bigcommerce). If you would prefer to submit via email, please send your report to [[email protected]](mailto:[email protected]).

We ask that you **do not** open a public GitHub issue to report security concerns.

_Note: Only submissions to our bounty program on BugCrowd will be eligible for bounties. Bounty eligibility and amounts are determined according to the program guidelines._

_Note: Bugs in 3rd-party modules and/or dependencies should be reported to the owners/maintainers or those modules and/or dependencies, BigCommerce has no control or authority over third party content._

Thank you in advance for collaborating with us to help protect us and our customers.
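
Review bot: In the second note (the one about 3rd-party modules), "reported to the owners/maintainers or those modules and/or dependencies" should read "of those modules"; as written, the "or" turns the modules themselves into an alternative recipient. The comma before "BigCommerce has no control" is a splice and should start a new sentence, and the same line spells the term both "3rd-party" and "third party". Separately, the file names the reporting channels but does not say what a report should contain or when a reporter can expect an acknowledgement; one short line on each would make the policy easier to act on.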
