Report an IT Vulnerability | Homeland Security
Source: https://www.dhs.gov/report-it-vulnerability
Archived: 2026-04-23 17:20
Report an IT Vulnerability | Homeland Security
Skip to main content
Official websites use .gov
A
.gov
website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A
lock
(
)
or
https://
means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Countdown to America's 250th Anniversary!
162
Days
5
Hours
47
Minutes
notice
Due to the lapse in federal funding, this website will not be actively managed. Click here for more information.
Breadcrumb
Home
About DHS
Site Links
Report an IT Vulnerability
Budget & Performance
Contact Us
Employee Resources
History
Homeland Security Careers
In Memoriam
Laws & Regulations
Leadership
Mission
Organization
Site Links
Accessibility
Acronyms & Terms
Archive
En Español
Freedom of Information Act (FOIA)
Keywords
Plain Writing at DHS
Report an IT Vulnerability
BugCrowd Program
Vulnerability Disclosure Form
Terms of Use
Websites
Information Systems Vulnerability Disclosure Program
The Department of Homeland Security (DHS) has a unique information and communications technology footprint that is tightly interwoven and globally deployed. Many DHS technologies are deployed in critical infrastructure systems and, to varying degrees, support ongoing homeland security operations; the proper functioning of DHS systems and applications can have a life-or-death impact on DHS personnel and international allies and partners of the United States.
Our information systems provide critical services in support of the widespread, critical missions of DHS. Maintaining the security of our networks is a high priority at DHS. Ultimately, our network security ensures that we can accomplish our missions and contribute to the success of the individuals who contribute to the mission success.
DHS recognizes that security researchers regularly contribute to the work of securing organizations and the Internet as a whole. Therefore, DHS invites reports of any vulnerabilities discovered on internet-accessible DHS information systems, applications, and websites. Information submitted to DHS under the
Vulnerability Disclosure Program Policy and Rules of Engagement
will be used for defensive purposes – to mitigate or remediate vulnerabilities in our networks.
This program upholds the DHS motto “See Something – Say Something” in the virtual environment by positively engaging with and establishing a communication loop between researchers and DHS.
(Bugcrowd.com)
If you would prefer not to participate in our Bugcrowd.com program or would prefer to submit anonymously, you can also use our
Vulnerability Disclosure Form
.
Learn More
Read the Vulnerability Disclosure Program Policy and Rules of Engagement
Topics
Homeland Security Enterprise
Keywords
Bug Reporting
Cyber Incident
Cyber Incident Data and Analysis
Cyber Resilience Review
Cyber Tip
Cybersecurity
Cyberthreat
Industry Cybersecurity
Security Vulnerability Assessment (SVA)
Vulnerability
Vulnerability Assessment
Vulnerability Disclosure
Vulnerability Reporting
Last Updated:
11/06/2024
Back to Top
Skip to main content
Official websites use .gov
A
.gov
website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A
lock
(
)
or
https://
means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Countdown to America's 250th Anniversary!
162
Days
5
Hours
47
Minutes
notice
Due to the lapse in federal funding, this website will not be actively managed. Click here for more information.
Breadcrumb
Home
About DHS
Site Links
Report an IT Vulnerability
Budget & Performance
Contact Us
Employee Resources
History
Homeland Security Careers
In Memoriam
Laws & Regulations
Leadership
Mission
Organization
Site Links
Accessibility
Acronyms & Terms
Archive
En Español
Freedom of Information Act (FOIA)
Keywords
Plain Writing at DHS
Report an IT Vulnerability
BugCrowd Program
Vulnerability Disclosure Form
Terms of Use
Websites
Information Systems Vulnerability Disclosure Program
The Department of Homeland Security (DHS) has a unique information and communications technology footprint that is tightly interwoven and globally deployed. Many DHS technologies are deployed in critical infrastructure systems and, to varying degrees, support ongoing homeland security operations; the proper functioning of DHS systems and applications can have a life-or-death impact on DHS personnel and international allies and partners of the United States.
Our information systems provide critical services in support of the widespread, critical missions of DHS. Maintaining the security of our networks is a high priority at DHS. Ultimately, our network security ensures that we can accomplish our missions and contribute to the success of the individuals who contribute to the mission success.
DHS recognizes that security researchers regularly contribute to the work of securing organizations and the Internet as a whole. Therefore, DHS invites reports of any vulnerabilities discovered on internet-accessible DHS information systems, applications, and websites. Information submitted to DHS under the
Vulnerability Disclosure Program Policy and Rules of Engagement
will be used for defensive purposes – to mitigate or remediate vulnerabilities in our networks.
This program upholds the DHS motto “See Something – Say Something” in the virtual environment by positively engaging with and establishing a communication loop between researchers and DHS.
(Bugcrowd.com)
If you would prefer not to participate in our Bugcrowd.com program or would prefer to submit anonymously, you can also use our
Vulnerability Disclosure Form
.
Learn More
Read the Vulnerability Disclosure Program Policy and Rules of Engagement
Topics
Homeland Security Enterprise
Keywords
Bug Reporting
Cyber Incident
Cyber Incident Data and Analysis
Cyber Resilience Review
Cyber Tip
Cybersecurity
Cyberthreat
Industry Cybersecurity
Security Vulnerability Assessment (SVA)
Vulnerability
Vulnerability Assessment
Vulnerability Disclosure
Vulnerability Reporting
Last Updated:
11/06/2024
Back to Top