format

docs/content/preview/secure/vulnerability-disclosure-policy.md

@@ -14,7 +14,7 @@ type: docs
 
 An important part of Yugabyte's strategy for building a secure platform for our users is vulnerability reporting. We value working with the broader security research community and understand that fostering that relationship will help Yugabyte improve its own security posture. We take vulnerabilities very seriously regardless of source, and strongly encourage people to report security vulnerabilities **privately to our security team** before disclosing them in a public forum. Our goal is to surface vulnerabilities and resolve them privately before they can be exploited.
 
-## Our Commitment
+## Our commitment
 
 1. **In scope** We commit to investigate and address any reported issues, and request that you use the following process for the reporting of security vulnerabilities in the following products:
 
@@ -30,7 +30,7 @@ An important part of Yugabyte's strategy for building a secure platform for our
 
 1. We assure you that we will not initiate legal action against researchers who are acting in good faith and adhering to this process.
 
-## The Process
+## The process
 
 1. **Report the Concern.** If you have any security concerns or would like to report undisclosed security vulnerabilities in our products or services, please email us at [security@yugabyte.com](mailto:security@yugabyte.com). Note that we do not accept bug reports at this address.
 
@@ -49,7 +49,7 @@ An important part of Yugabyte's strategy for building a secure platform for our
 
 1. **Use Common Sense.** Please use common sense when looking for security issues with our products. Attacking or compromising Yugabyte users' installations, or attacks on our infrastructure are not permitted.
 
-## Next Steps
+## Next steps
 
 1. We will promptly investigate any reported issue. In certain cases, we may work privately with you to resolve the vulnerability. We may choose not to disclose information publicly while we investigate and mitigate any risk.