Company
Date Published
Author
Bugcrowd
Word count
519
Language
English
Hacker News points
None

Summary

The Okta Security Team has launched a new Vulnerability Disclosure Policy (VDP) to standardize its interactions with researchers and establish clear expectations and guidelines. The policy outlines the scope, compensation details, legal considerations, and what else to expect when working with Okta to improve its security. Researchers can submit findings either under coordinated disclosure terms or through Bugcrowd, with the same scope applying to both methods. The team emphasizes the importance of respecting its current application and user data and of acting in good faith when reporting vulnerabilities, and provides a recommended reporting template to guide submissions. The policy aims to make it easy for researchers to leverage Okta's security expertise and contribute to its mission of protecting customers, partners, and stakeholders.