Skip to content
This repository has been archived by the owner on Oct 16, 2019. It is now read-only.
/ tts-buy-bug-bounty Public archive

Solicitation and acquisition documents created for the TTS Bug Bounty program that can be reused by other government agencies and organizations.

License

Notifications You must be signed in to change notification settings

18F/tts-buy-bug-bounty

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

TTS Bug Bounty

Background

As part of its programmatic focus on security, the Technology Transformation Services (TTS) had to purchase access to a pre-existing, commercially available Bug Bounty SaaS Platform that would allow it to manage the TTS Bug Bounty program. The purpose of this acquisition is to give TTS access to a large network of security researchers, people who have an interest in helping to find and address bugs and other technical issues within TTS-owned web applications.

What we're hoping to end up with

The purpose of this solicitation is for the contractor to deliver a Bug Bounty program which TTS will utilize for TTS-owned web applications. The contractor will provide access to their Bug Bounty SaaS Platform for researchers to report vulnerabilities (“Platform/Network Access”) and allow TTS to manage and track issues across multiple public web applications, triage services for those reported vulnerabilities, disburse rewards for effective vulnerabilities, and explain the reasons behind rejections (“Vulnerability Report Triage Services”).

Contributing

See CONTRIBUTING for additional information.

Public domain

This project is in the worldwide public domain. As stated in CONTRIBUTING:

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.

About

Solicitation and acquisition documents created for the TTS Bug Bounty program that can be reused by other government agencies and organizations.

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published