Proposed security researcher protection under CFAA

Rapid7 views independent cybersecurity research and the security community as important drivers for advancing cybersecurity for all, a core value for Rapid7. One way we take action on this value is by supporting protection for security researchers acting in good faith. We have spoken out on this issue in the context of the Computer Fraud and Abuse Act (CFAA) consistently for several years, as well as Section 1201 of the Digital Millennium Copyright Act (DMCA), the Wassenaar Arrangement export controls, and coordinated vulnerability disclosure adoption, among others. Throughout this advocacy, we have endeavored to balance meaningful protection for independent security research with commonsense security needs and the boundaries of responsible behavior.


This post continues this advocacy, and continues to balance those considerations, as we try our hand at drafting protection for security research under the CFAA. Our proposed CFAA security research defense, which is subject to change based on feedback, is below and also available here.


The proposed ..
