From c1c1d6537898e16412a99f13fba774e78e849ff0 Mon Sep 17 00:00:00 2001 From: Torsten Scholak Date: Mon, 21 Oct 2024 15:35:13 -0400 Subject: [PATCH 1/2] Update SECURITY.md --- SECURITY.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 7230bdd59..294d9c8ad 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -9,10 +9,14 @@ The Fast-LLM project is currently in a pre-release state. There are no officiall | 0.1.x | :white_check_mark: | | < 0.1.0 | :x: | --> -## Reporting a Vulnerability +## ServiceNow is Committed to Full Transparency -To report a security vulnerability in Fast-LLM, please email our [Product Security Incident Response Team (PSIRT)](https://securitylab.servicenow.com) at [disclosure@servicenow.com](mailto:disclosure@servicenow.com). Include a detailed description of the issue, steps to reproduce it, and any relevant information that may help in investigating the matter. +If you find a vulnerability in ServiceNow systems, products, or network infrastructure, our [Responsible Disclosure Program](https://www.servicenow.com/company/trust/privacy/responsible-disclosure.html) is the place to make a report. +If you find a vulnerability in this open-source project published by the ServiceNow Research team, please email [servicenow-research@servicenow.com](mailto:servicenow-research) to report your findings. + +We will process your report as soon as possible, depending on the severity of your report. We appreciate everyone's help in disclosing vulnerabilities in a responsible manner. + ## Guidelines Please follow the guidelines below when [disclosing vulnerabilities](https://www.servicenow.com/company/trust/privacy/responsible-disclosure.html): From 58bf8f1b59f0ff1a2d9b17f67009c7917dd369f3 Mon Sep 17 00:00:00 2001 From: Torsten Scholak Date: Mon, 21 Oct 2024 15:38:10 -0400 Subject: [PATCH 2/2] Update SECURITY.md --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 294d9c8ad..643b23f77 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -13,7 +13,7 @@ The Fast-LLM project is currently in a pre-release state. There are no officiall If you find a vulnerability in ServiceNow systems, products, or network infrastructure, our [Responsible Disclosure Program](https://www.servicenow.com/company/trust/privacy/responsible-disclosure.html) is the place to make a report. -If you find a vulnerability in this open-source project published by the ServiceNow Research team, please email [servicenow-research@servicenow.com](mailto:servicenow-research) to report your findings. +If you find a vulnerability in this open-source project published by the ServiceNow Research team, please email [servicenow-research@servicenow.com](mailto:servicenow-research@servicenow.com) to report your findings. We will process your report as soon as possible, depending on the severity of your report. We appreciate everyone's help in disclosing vulnerabilities in a responsible manner.