Code of Conduct

Established on November 1st, 2022

    This Code of Conduct applies to all Researchers when participating in a Program. Researcher shall fully understand and agree to comply with the terms and conditions of this Code of Conduct before using the Service. By using the Service, Researcher agrees to comply with this Code of Conduct. This Code of Conduct shall apply in addition to the Terms of Service. Capitalized terms used in this Code of Conduct shall have the meanings defined in the Terms of Service.

    Prohibited Matters

    When using the Service, Researcher shall not:

  1. I. Investigate vulnerability beyond the scope specified in the relevant Program Policy;
  2. II. Investigate vulnerability outside the term of the relevant Program;
  3. III. Exploit vulnerability beyond the scope necessary for the vulnerability investigation, such as exploiting a vulnerability to obtain trade secrets or Personal Information of a Corporate Member;
  4. IV. Use or attempt to access any account or credential other than those authorized to be used by the relevant Program Policy;
  5. V. Falsify or delete data used by a Corporate Member for its business;
  6. VI. Conduct any DOS attack on a Corporate Member’s system;
  7. VII. Install a backdoor in a Corporate Member’s system;
  8. VIII. Interfere with the stable operation of a Corporate Member’s system beyond the scope specified in the relevant Program Policy;
  9. IX. Use social engineering beyond the scope permitted by the relevant Program Policy;
  10. X. Use threatening behavior against any Corporate Member; and
  11. XI. Request a Corporate Member to pay money or provide benefit other than the rewards specified in the Program Policy.