Security and Privacy
Hyperproof’s Vulnerability Disclosure Program
Purpose and scope of the program
Hyperproof’s Vulnerability Disclosure Program ensures our cloud offering meets the highest standards in information security. We encourage ethical researchers to challenge our security defenses through reasonable means and with a commitment to non-disruption.
Hyperproof’s commitment
Hyperproof commits to working with the community of vulnerability researchers to validate suspected in-scope vulnerabilities and follow through with appropriate risk mitigation.
Researcher’s commitment
Follow ethical standards and the guidelines below throughout the effort to uncover vulnerabilities.
Responsible disclosure guidelines
Report promptly: Please notify us as soon as you discover any potential vulnerabilities.
Respect privacy and integrity: Avoid violating the privacy of Hyperproof or its customers, disrupting service availability, or compromising the integrity of our systems.
Act responsibly in case of a breach: If you inadvertently breach the guideline above, cease all related activity immediately and report the incident to Hyperproof without delay.
Stay within scope: Do not attempt to identify vulnerabilities outside the defined scope of testing.
Avoid exploiting vulnerabilities: Do not use any vulnerabilities to intentionally access sensitive data, disrupt services, or compromise system integrity.
Allow time for resolution: Give us adequate time to investigate and remediate any reported vulnerabilities before disclosing or taking further action.
Keep findings confidential: Any discovered vulnerabilities or exposure of sensitive information must remain confidential and should only be shared with Hyperproof.
Share your discovery process: Include clear, detailed steps that led to the discovery of the vulnerability, along with all relevant technical details.
