How We Keep Meetings Secure and Reliable at Whereby
Read more about our Vulnerability Disclosure Policy and how we respond to vulnerabilities within the Whereby platform here.
At Whereby, we consider security an integral part of our development process. That means we’re working behind the scenes to build a secure and reliable service that works how and when you expect it to.
As part of that mission, we’ve created our Vulnerability Disclosure Policy, which enables us to quickly and thoroughly respond to community and user-reported security vulnerabilities (should any exist) within the Whereby platform.
This new policy bolsters our existing regular penetration test, which serves as a point-in-time assessment of the security of our platform. But we know that the technical landscape is ever-evolving, so a point-in-time assessment isn’t enough to ensure we’re living up to our commitment of taking security seriously. Our Vulnerability Disclosure Policy complements existing security checks and serves as a continuous community-sourced assessment of our platform.
What is a Vulnerability Disclosure Policy?
Put simply, a Vulnerability Disclosure Policy or VDP gives anyone – ethical hackers, researchers, users, etc. – clear guidance for reporting potentially harmful security vulnerabilities within a given platform to the appropriate company contacts. And VDPs can go a long way in helping to ensure the security and reliability of some of our favorite software tools.
Despite their usefulness, research from HackerOne, a vulnerability coordination and bug bounty platform, shows that only 93% of companies on the Forbes Global 2000 list do not have a VDP in place. But we’re aiming to change that.
Our Vulnerability Disclosure Policy explains upfront what does and does not comprise a potential vulnerability, guiding researchers on what we consider relevant (and potentially bounty-worthy). You can read the full details of our VDP here.
We’re looking forward to working with our community of users, supporters, and fellow security experts to continually drive up the security of the Whereby platform and we welcome your feedback on the policy too.
To get in touch, contact security@whereby.com.
