Our Response Process
Once a security vulnerability is reported, the following process will be undertaken:
Acknowledgement
We will acknowledge receipt of your report within 5 business days.
Assessment
Our technical team will review and assess the reported issue to determine its severity and impact.
Status Updates
We will provide status updates to the reporter at key stages of the investigation, including:
- Confirmation of validity
- Progress toward remediation
- Expected resolution timeframe (where applicable)
Resolution
Where a vulnerability is confirmed, we will take appropriate corrective action, which may include firmware updates, software patches, or mitigation guidance.
Closure Notification
Once the issue is resolved, we will notify the reporter and, where appropriate, publish security advisories or updates for affected customers.
Responsible Disclosure
We encourage responsible disclosure and ask that security issues are not publicly disclosed until we have had a reasonable opportunity to investigate and address the issue.
