Security researchers could face lawsuits or even prosecution. Bugcrowd founder: “Hackers and even lay people that identify security risks – they function as the internet’s immune system” More organizations are adopting researcher-friendly vulnerability disclosure programs or bug bounty programs. But hostility still sometimes surfaces, with Missouri Gov. Michael L. Parson referred a case to prosecutors that raised eyebrows around the world. In this video interview, Casey Ellis and Edward Farrell discuss how the legal environment around security research is evolving and why legal protections are needed for responsible researchers.”]
Source: https://www.cuinfosecurity.com/reporting-security-bugs-be-fraught-tension-a-17765