The Justice Department wants to help you run a vulnerability disclosure program

These vulnerability disclosure programs, typically known as bug bounties, are typically created to allow participating parties to receive confidential information from independent researchers about software and hardware bugs that are affecting a company’s own systems or products. But the practice can sometimes run up against legal complications tied to the Computer Fraud and Abuse Act, or CFAA, which has been applied in different court cases in a variety of conflicting ways.

Read full news article on Cyberscoop