|
|
|
|
|
|
by anonymous908213
147 days ago
|
|
|
> If you contact a company to report a bug, and that company routes it to some third party support contractor That is not what happened, though. You can contact Valve/Steam directly. They specifically went to the third-party vendor, because the third-party vendor offers a platform to give them credit and pay them for finding security exploits. It is not the responsibility of the third-party vendor to manage all bug reports. |
|
|
I don't know, the wording on their site suggests hackerone is the primary place to report security issues, not "if you want to get paid use hackerone, otherwise email us directly".
>For issues with Steam or with Valve hardware products, please visit HackerOne — https://hackerone.com/valve. Our guidelines for responsible disclosure are also available through that program.
https://www.valvesoftware.com/en/security