Vulnerability Disclosure Policy

The ICRC is committed to preventing cyber security crimes on their systems and is grateful to external security researchers for their time and efforts in identifying technical vulnerabilities linked to the ICRC’s systems.

This policy is intended to give security researchers guidelines for conducting vulnerability discovery activities and steps to report back to the ICRC.