Vulnerability Disclosure Policy / Coordinated Vulnerability Disclosure Policy
Jurisdiction
Spain
Region
Europe
Requirement
Recommended
Organization
Instituto Nacional de Ciberseguridad (INCIBE) - CERT
Provision
N/A
Applies to
Reporters of vulnerabilities / good faith security researchers
Date
N/A
Description
INCIBE-CERT has an established CVD (Coordinated Vulnerability Disclosure) policy that supports those who wish to provide information on vulnerabilities detected, both in INCIBE-CERT's own systems and in the systems of third parties, citizens and private entities in Spain. For this reason, INCIBE-CERT provides support to those people who wish to provide information on vulnerabilities they have detected, and acts by anonymising the informant's data, unless the informant expressly indicates otherwise (at any time during the vulnerability management) or a judge so requires.