Computer Access Laws
限制计算机访问和使用的法律应该谨慎地平衡打击网络犯罪的需要与支持安全研究的价值, innovation, and other legitimate activity.
DMCA
《十大赌博官方正规网址》(DMCA)通过限制分析软件漏洞的能力,可能会阻碍善意的安全研究. We support changes to extend protections for security researchers without diminishing copyright.
- 11/14/21 - Rapid7 analysis on 2021 security researcher rules
- 07/16/21 - Ex Parte letter to Copyright Office on security researcher protection
- 06/23/21 - Rapid7 joins statement on DMCA lawsuits against security tools
- 07/13/18 - Rapid7 response to DOJ letter on DMCA security researcher exemption
- 12/18/17 - 向版权局提出联合意见,支持加强DMCA安全研究人员豁免
- 06/28/17 - Copyright Office Calls for New Cybersecurity Researcher Protections
- 10/27/16 - Joint comments to Copyright Office on specific DMCA reforms to protect security researcher
- 03/15/16 - Rapid7, Bugcrowd, and HackerOne file pro-researcher comments on DMCA Sec. 1201
- 10/28/15 - New DMCA Exemption is a Positive Step for Security Researchers
CFAA
Independent security research is valuable for advancing cybersecurity, 但《十大赌博正规信誉网址》(CFAA)对有益的研究和恶意黑客行为几乎没有区别. 我们支持负责任的CFAA改革和澄清,以保护安全研究人员和互联网用户免受过于宽泛的责任.
- 06/04/21 - Proposed security researcher protection under CFAA
- 06/03/21 - Analysis of Supreme Court opinion narrowing CFAA
- 07/13/20 - Rapid7 joins CFAA brief to the Supreme Court
- 10/20/15 - Why I Don't Dislike the Whitehouse/Graham Amendment
- 01/26/15 - How Do We De-Criminalize Security Research?
- 01/23/15 - Will the President's Cybersecurity Proposal Make Us More Secure?
UK Computer Misuse Act
The UK's Computer Misuse Act (CMA) imperils the sharing of defensive security tools, provides no acknowledgement of the importance of good faith security research, and fails to define what constitutes authorization for access to systems. Rapid7支持合理的改革,澄清这些问题,在不为滥用创造机会的情况下推进网络安全.
States
Rapid7偶尔会就计算机访问法律向各州提供建议,以保护消费者和企业,同时避免阻碍研究和创新.
Hack Back
授权私营实体采取积极措施报复黑客行为,可能会破坏网络安全并造成附带损害.
- 06/17/21 - Rapid7 Position on Private Sector Hack Back
- 05/24/17 - Why Companies Shouldn’t Try to Hack Their Hackers
- 04/17/18 - Georgia Should Not Authorize "Hack Back"