Link to Responsible Vulnerability Disclosure page

author: Fabrice Bellingard <fabrice.bellingard@sonarsource.com> 2019-05-10 13:50:21 +0200
committer: SonarTech <sonartech@sonarsource.com> 2019-05-10 20:21:40 +0200
commit: 83f1cb5aaece36cbd9d2ea74517bcdf7c3d26dd6 (patch)
tree: e651f3f1c633d1b531fdf0fcfaf7db02898eb76c /server/sonar-docs/src/pages/sonarcloud
parent: b13cd1f7af19660bd208871aba234cb596eaf8e7 (diff)
download: sonarqube-83f1cb5aaece36cbd9d2ea74517bcdf7c3d26dd6.tar.gz
sonarqube-83f1cb5aaece36cbd9d2ea74517bcdf7c3d26dd6.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/server/sonar-docs/src/pages/sonarcloud/security.md b/server/sonar-docs/src/pages/sonarcloud/security.md
index 7a31dbecf91..59fb614eabb 100644
--- a/server/sonar-docs/src/pages/sonarcloud/security.md
+++ b/server/sonar-docs/src/pages/sonarcloud/security.md
@@ -28,6 +28,8 @@ At the software level, SonarCloud ensures private source code is accessible to o
 
 SonarCloud UI and APIs regularly pass penetration testing conducted by a an external company, specialized in cyber and application security, certified in accordance to ISO-27001 and which is also member of the OWASP.
 
+In case you find a vulnerability, please follow our [Responsible Vulnerability Disclosure process](https://community.sonarsource.com/t/responsible-vulnerability-disclosure/9317) to report it to our Security team.
+
 ## Communications
 
 All communications are done over TLS 1.2:
author	Fabrice Bellingard <fabrice.bellingard@sonarsource.com>	2019-05-10 13:50:21 +0200
committer	SonarTech <sonartech@sonarsource.com>	2019-05-10 20:21:40 +0200
commit	83f1cb5aaece36cbd9d2ea74517bcdf7c3d26dd6 (patch)
tree	e651f3f1c633d1b531fdf0fcfaf7db02898eb76c /server/sonar-docs/src/pages/sonarcloud
parent	b13cd1f7af19660bd208871aba234cb596eaf8e7 (diff)
download	sonarqube-83f1cb5aaece36cbd9d2ea74517bcdf7c3d26dd6.tar.gz sonarqube-83f1cb5aaece36cbd9d2ea74517bcdf7c3d26dd6.zip