Report a security or privacy vulnerability
We at Verificient are committed to providing secure and transparent services to both our clients and end-users. As digital security threats continue to evolve, we are constantly looking for possible security vulnerabilities that might weaken our online risk posture. While our products and systems are developed and maintained around the highest quality standards, there may be instances where an issue might slip by. Hence, we welcome responsible reporting of potential security threats and bugs or any web-based security concerns that our team can promptly address.
To report a vulnerability, email us at security@verificient.com and include the following, to the extent feasible.
- Your email address so our security team can reach out to you for any questions.
- A detailed description of the vulnerability and how it was discovered.
- Screenshots of the vulnerability.
- IP address or the URL of the affected system.
- Clear and concise steps to reproduce the vulnerability.
- Proof of concept testing.
The Verificient security team will acknowledge and respond to your report within 72 hours of receiving it. We will inform you about any actions taken and maintain your confidentiality throughout the process.
We would appreciate it if you followed these best practices to ensure the security of our clients:
- Do not take advantage of the vulnerability or problem you have discovered, for example, by downloading more data than necessary to demonstrate the vulnerability or by deleting or modifying the data of others.
- Do not reveal the problem to others until it has been resolved.
- Do not use attacks on physical security, social engineering, distributed denial of service, spam, or third-party applications.