From c7253931f042b4f6f8f7a20f947b1f0503b4c566 Mon Sep 17 00:00:00 2001 From: Arnauec <90959322+Arnauec@users.noreply.github.com> Date: Mon, 3 Apr 2023 16:45:30 +0200 Subject: [PATCH] Update SECURITY.md to remove sec email The sec email is getting deprecated, removing references to it. --- SECURITY.md | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 33b518b..c5b93f5 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -12,20 +12,12 @@ below. **Please do not report (potential) security issues through public GitHub issues.** Instead please report them through our responsible disclosure program. -We are currently operating an invite-only bug bounty with Intigriti. In -order to participate, please register with Intigriti -(https://login.intigriti.com/account/register). Then send an email to us at -security@personio.de with your @intigriti.me email address. We will then -invite you to our bounty program. Once onboard, you will be able to review -our bounty terms and scope, and safely share your findings with the team. - -Alternatively, you can report them directly to our security team via -**[security@personio.de](mailto:security@personio.de)**. If possible, please -encrypt the message with our PGP key. You can find it here: -https://keys.openpgp.org/vks/v1/by-fingerprint/C921305FC1B574C16533ACA4B3E23F29B4B09BE1 - -Please include the information listed below to help us better understand and -address the issue: +We are currently operating a registered (public with an Intigriti account) bug bounty program with Intigriti. +In order to participate, please register with Intigriti (https://login.intigriti.com/account/register). +Then go to the following link and apply (https://app.intigriti.com/researcher/programs/personio/personio/). +Once onboard, you will be able to review our bounty terms and scope, and safely share your findings with the team. + +Please include the information listed below to help us better understand and address the issue: - Your name and affiliation (if any). - The type of the issue (e.g. XSS, SQLi, buffer overflow, etc.).