We take the security of our systems seriously, and we value the security community. The disclosure of security vulnerabilities helps us ensure the security and privacy of our users help us to continuously improve.
Effective Date: April 1, 2020
KEDEHub Vulnerability Disclosure Policy
We take the security of our systems seriously, and we value the security community. The disclosure of security vulnerabilities helps us ensure the security and privacy of our users help us to continuously improve.
How to report a security vulnerability?
If you believe you've found a security vulnerability in one of our products or platforms please send it to us by emailing security@kedehub.io mentioning "Vulnerability Disclosure" in the subject. Please include the following details with your report:
Guidelines
We require that all researchers:
If you follow these guidelines when reporting an issue to us, we commit to:
Scope
In Scope:
Outside Scope:
In the interest of the safety of our users, staff, the Internet at large and you as a security researcher, the following test types are excluded from scope:
Things we do not want to receive:
Policy Violation
If in violation of these terms at the Company's sole determination, the Company may suspend or terminate the Subscriber access to the Services without prior notice to the Subscriber and the Company will have no liability to the Subscriber regarding the deletion, blocking or removal of content or the suspension or termination of SaaS Services, and in certain cases prompting further legal action.
This policy was elaborated observing the best practices of the Open Source Vulnerability Disclosure Framework.