The Department of Homeland Security (DHS) has a unique information and communications technology footprint that is tightly interwoven and globally deployed. Many DHS technologies are deployed in critical infrastructure systems and, to varying degrees, support ongoing homeland security operations; the proper functioning of DHS systems and applications can have a life-or-death impact on DHS personnel and international allies and partners of the United States.
Our information systems provide critical services in support of the widespread, critical missions of DHS. Maintaining the security of our networks is a high priority at DHS. Ultimately, our network security ensures that we can accomplish our missions and contribute to the success of the individuals who contribute to the mission success.
DHS recognizes that security researchers regularly contribute to the work of securing organizations and the Internet as a whole. Therefore, DHS invites reports of any vulnerabilities discovered on internet-accessible DHS information systems, applications, and websites. Information submitted to DHS under the Vulnerability Disclosure Program Policy and Rules of Engagement will be used for defensive purposes – to mitigate or remediate vulnerabilities in our networks.
This program upholds the DHS motto “See Something – Say Something” in the virtual environment by positively engaging with and establishing a communication loop between researchers and DHS.
(Bugcrowd.com)
If you would prefer not to participate in our Bugcrowd.com program or would prefer to submit anonymously, you can also use our Vulnerability Disclosure Form.