USA Banner

Official US Government Icon

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure Site Icon

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Disclosure Policy

The Federal Permitting Improvement Steering Council (the "Permitting Council") is committed to maintaining the security of our systems and protecting sensitive information from unauthorized disclosure. 

This Vulnerability Disclosure Policy (VDP) describes the activities that can be undertaken by security researchers to find and report vulnerabilities in internet-accessible systems and services in a legally authorized manner. Security researchers can be any person of any age or affiliation located anywhere in the world.

Security researchers should feel comfortable reporting vulnerabilities discovered, as defined in this policy, to afford Permitting Council the opportunity to remediate the findings for the purpose of ensuring confidentiality and keeping the information safe. 

We encourage you to contact us to report potential vulnerabilities in our systems.

The below linked Department of Transportation’s Vulnerability Disclosure Policy also applies to all Federal Permitting Improvement Steering Council managed systems and services that are accessible from the Internet. This includes the registered domain names: https://www.fpisc.gov and https://www.permitting.gov which redirects to https://www.permits.performance.gov

 

Vulnerability Disclosure Policy - U.S. Department of Transportation

Last updated: Friday, January 6, 2023