Update safe-harbor-faq.md · sit0ra/docs.hackerone.com@d3d2054 · GitHub

Commit d3d2054

Update safe-harbor-faq.md
1 parent 049c31e commit d3d2054

1 file changed

+1
-1
lines changed

docs/programs/safe-harbor-faq.md

Lines changed: 1 addition & 1 deletion
@@ -37,7 +37,7 @@ Safe harbor is a baseline requirement to engage with hackers in good faith. Outd
3737

3838
A short, broad, easily-understood safe harbor statement provides ethical hackers with assurance and a binding commitment that they will not face legal risk merely for making valuable contributions to an organization’s security.
3939

40-
Safe harbor is recommended by the U.S. Department of Justice in the [Framework for a Vulnerability Disclosure Program for Online Systems](https://www.justice.gov/criminal-ccips/page/file/983996/download) and the Cybersecurity and Infrastructure Security Agency (CISA) in the [Vulnerability Disclosure Policy Template](https://www.cisa.gov/vulnerability-disclosure-policy-template) for U.S. government agencies, championed by legal and infosec experts industry-wide in projects like the []#legalbugbounty standardization project](https://amitelazari.com/%23legalbugbounty-hof/f/legalbugbounty-standardization-project---adopt-a-safe-harbor) and [disclose.io](https://disclose.io/), and already provided by all top-tier security programs and generally most organizations running a vulnerability disclosure program. Examples of top-tier security programs across a variety of industries providing safe harbor include the [UK Ministry of Defence](https://www.gov.uk/guidance/report-a-vulnerability-on-an-mod-system), [General Motors](https://hackerone.com/gm?type=team), [John Deere](https://hackerone.com/john-deere?type=team), and the [United States Postal Service](https://hackerone.com/usps?type=team).
40+
Safe harbor is recommended by the U.S. Department of Justice in the [Framework for a Vulnerability Disclosure Program for Online Systems](https://www.justice.gov/criminal-ccips/page/file/983996/download) and the Cybersecurity and Infrastructure Security Agency (CISA) in the [Vulnerability Disclosure Policy Template](https://www.cisa.gov/vulnerability-disclosure-policy-template) for U.S. government agencies, championed by legal and infosec experts industry-wide in projects like the [#legalbugbounty standardization project](https://amitelazari.com/%23legalbugbounty-hof/f/legalbugbounty-standardization-project---adopt-a-safe-harbor) and [disclose.io](https://disclose.io/), and already provided by all top-tier security programs and generally most organizations running a vulnerability disclosure program. Examples of top-tier security programs across a variety of industries providing safe harbor include the [UK Ministry of Defence](https://www.gov.uk/guidance/report-a-vulnerability-on-an-mod-system), [General Motors](https://hackerone.com/gm?type=team), [John Deere](https://hackerone.com/john-deere?type=team), and the [United States Postal Service](https://hackerone.com/usps?type=team).
4141

4242
**Does safe harbor help protect organizations?**
4343
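Review bot: The commit subject "Update safe-harbor-faq.md" does not say what changed on line 40, and because the whole paragraph sits on one line the diff does not make it obvious either: the only difference is the stray `]` removed from `[]#legalbugbounty standardization project]`. Suggest a subject along the lines of "Fix broken #legalbugbounty link in safe-harbor-faq.md", and consider breaking this paragraph at sentence boundaries so that future link fixes produce a diff a reviewer can read. The other link targets on the line are unchanged by this commit.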
