Code of Conduct
Established on November 1st, 2022
- I. Investigate vulnerability beyond the scope specified in the relevant Program Policy;
- II. Investigate vulnerability outside the term of the relevant Program;
- III. Exploit vulnerability beyond the scope necessary for the vulnerability investigation, such as exploiting a vulnerability to obtain trade secrets or Personal Information of a Corporate Member;
- IV. Use or attempt to access any account or credential other than those authorized to be used by the relevant Program Policy;
- V. Falsify or delete data used by a Corporate Member for its business;
- VI. Conduct any DOS attack on a Corporate Member’s system;
- VII. Install a backdoor in a Corporate Member’s system;
- VIII. Interfere with the stable operation of a Corporate Member’s system beyond the scope specified in the relevant Program Policy;
- IX. Use social engineering beyond the scope permitted by the relevant Program Policy;
- X. Use threatening behavior against any Corporate Member; and
- XI. Request a Corporate Member to pay money or provide benefit other than the rewards specified in the Program Policy.
This Code of Conduct applies to all Researchers when participating in a Program. Researcher shall fully understand and agree to comply with the terms and conditions of this Code of Conduct before using the Service. By using the Service, Researcher agrees to comply with this Code of Conduct. This Code of Conduct shall apply in addition to the Terms of Service. Capitalized terms used in this Code of Conduct shall have the meanings defined in the Terms of Service.
When using the Service, Researcher shall not: