"Hacking Policy Council Launched to Support Security Research and Disclosures"

Google and other companies will develop and launch new initiatives aimed at providing policy guidance to governments and legal protection to security researchers engaged in "good faith" vulnerability research and disclosure. The tech giant also announced that it would formalize an internal policy to be transparent when vulnerabilities in Google products are exploited in the wild. The moves include establishing an industry-led Hacking Policy Council and a nonprofit that would fund the legal fees of security researchers who are sued or prosecuted for conducting vulnerability research. The council will consist of representatives from bug bounty companies HackerOne, BugCrowd, and Luta Security, as well as the cybersecurity law firm Venable. It will bring together like-minded organizations and leaders who will advocate for new policies and regulations that support best practices for vulnerability management and disclosure without jeopardizing the security of users. This article continues to discuss the new initiatives that will provide policy guidance to governments and legal protection to security researchers.

SC Media reports "Hacking Policy Council Launched to Support Security Research and Disclosures"