02.25.2018
Bug Bounty

February Policy Updates

Paranoids logo

Dedicated Bug Hunters,

We’ve got quite a lot packed into [this month](https://www.oath.com/2019/02/25/new-name-but-same-great-reasons-to-love-bug-bounty/), so please take a few minutes to read through this update and keep an eye out for more from us.

In January this year, Oath was renamed to Verizon Media, so we thought it was just about time for us to re-brand the policy page. Our team has been working on some fresh updates to the policy and have ended up rolling a bunch of them all together into one giant update! 

The most impactful of these changes is that we now **require all attachments** to be added directly to the reports on HackerOne. *No more hosting files on vimeo, dropbox, pastebin or github*. We have been working on building automation to help move tickets through our processes much faster and these systems will not function properly if required contents are not available directly from this platform.

 

## Summary of Policy Changes:

1. Added `Safe Harbor` clause

2. Company branding has changed from Oath to Verizon Media

3. Program URLs have been updated

   * `/oath` --> `/verizonmedia`

   * `/oath-private` --> `/verizonmedia-private`

4. Clarification of some language in the `Rules` section

5. Require all attachments to be hosted on HackerOne

6. Clarify staff types who are excluded from the program eligibility

 

*If you have any questions, feel free to reach out to us however works for you. We’ve even stood up a channel, #verizonmedia, on the Bug Bounty Forum slack workspace to specifically engage in conversation with our bug hunter community.*

Happy Hacking,

The Paranoids

  • Advertise with us
  • Find the right advertising solutions for your business.
  • Join us
  • Spend every day connecting people with the things they love.
  • Follow us
© 2020 Verizon Media. All Rights Reserved