Responsible Disclosure Policy
Elastica is dedicated to keeping its cloud platform safe from all types of security issues thereby providing a safe and secure environment to our customers. Data security is a matter of utmost importance and top priority for us. If you are a dedicated security researcher or vulnerability hunter and have discovered a security flaw in the Elastica CloudSOC platform including the cloud application and infrastructure, we appreciate your support in disclosing the issue to us in a responsible manner.
Our responsible disclosure process is managed by security team at Elastica. We are always ready to recognize the efforts of security researchers by rewarding them with a token of appreciation, provided the reported security issue is of high severity and not known to us.
While reporting the security vulnerability to Elastica Security, please refrain disclosing the vulnerability details to public outside of this process without explicit permission. Please provide the complete details. We determine the impact of vulnerability by looking into the ease of exploitation and business risks associated with the vulnerability.
As a security researcher, if you identify or discover a security vulnerability in compliance with the responsible disclosure guidelines, Elastica security commits to:
- acknowledge the receipt of reported security vulnerability in a timely fashion
- notify you when the vulnerability is remediated
- extend our gratitude by providing a token of appreciation in supporting us to make our customers safe and secure
Please send the details of the discovered vulnerability or any security issue to : firstname.lastname@example.org.