At Denaee, safeguarding the security and privacy of our digital infrastructure, services, and user data is of paramount importance to us. We recognize the significant role that both security researchers and the broader online community play in assisting us to identify and address potential security vulnerabilities. To foster a safe and secure online environment, we have formulated the following Responsible Disclosure Statement:
Reporting Security Vulnerabilities:
Should you come across any potential security vulnerabilities within our systems, services, or applications, we strongly encourage you to promptly report them to us. Your assistance in identifying and responsibly disclosing these vulnerabilities is critical in ensuring the integrity and security of our systems and the sensitive data entrusted to us.
Guidelines for Responsible Disclosure:
When reporting a security issue to us, we kindly request that you adhere to the following guidelines:
1. Contact Us Privately: Please refrain from publicly disclosing information about the vulnerability until we have had the opportunity to thoroughly investigate and address it. You can reach out to us privately via email at [hello@denaee.com].
2. Provide Adequate Details: In order for us to fully comprehend the nature and potential impact of the vulnerability, we ask that you furnish us with a comprehensive description. This should include clear steps to reproduce the issue, along with any supporting materials such as screenshots or proof-of-concept code.
3. Act Ethically: It is essential that all actions undertaken in the process align with ethical principles and legal regulations. We expect that you do not engage in any activities that could potentially harm our systems or compromise user data.
4. Respect User Privacy: If your testing or research necessitates access to user data, we require that you exercise the utmost discretion, respecting user privacy and confidentiality. Access should only be granted to data directly related to the security issue you are reporting.
Our Commitment:
Upon receipt of your report, our dedicated security team will conduct a prompt assessment to validate the reported vulnerability. We are committed to:
– Maintaining open lines of communication with you throughout the resolution process, acknowledging your valuable contribution to our security efforts.
– Thoroughly investigating and addressing the identified vulnerability in a timely manner.
– Keeping you informed of the status of the issue and any relevant remediation actions.
– Recognizing your responsible disclosure, either by acknowledging your contribution in our security hall of fame or, if preferred, maintaining your anonymity.
Legal Considerations:
Denaee understands that security researchers engaged in responsible disclosure may require legal protection. We commit to refraining from initiating legal action against individuals who, in good faith, make efforts to identify and report security vulnerabilities in accordance with this policy.
Scope:
This Responsible Disclosure Statement encompasses all digital properties owned by Denaee, including websites, applications, and digital services.
By participating in responsible disclosure and adhering to these guidelines, you play an integral role in helping us maintain a secure digital environment for our users. We deeply appreciate your dedication to online security and the valuable assistance you provide.
Contact Information:
For reporting security vulnerabilities or inquiries related to this Responsible Disclosure Statement, please contact us at [hello@denaee.com].
