This repository has been archived by the owner on Oct 16, 2019. It is now read-only.

Background Program Management #23

Open
BKozisek7 opened this issue Jul 30, 2018 · 1 comment

Comments

@BKozisek7

Question/Comment on TTS Bug Bounty RFQ

Name and affiliation

Brett Kozisek
Director
Synack Inc.

Section of RFQ documents

RFQ Section 2.0 - Background - https://github.com/18F/tts-buy-bug-bounty/blob/master/2018-procurement/RFQ.md#20-background
Fifth paragraph in this section states “Program management services include services related to promotion of the program, tracking and workflow, and payouts”.

Question/Comment

Does the vendor have to specifically publicly disclose tracking, workflow and payout?

@MichelleMcNellis
Member

As outlined within RFQ Section 3.0 Requirements, the vendor must make the program visible to its community of researchers, and be able to promote its presence on the platform to those researchers. The vendor must support features that allow the government to promote the program by sharing information about payouts and specific vulnerability reports. The vendor is not required to publicly disclose all vulnerability reports, or to disclose all aspects of tracking, workflow, and payouts on the platform.
