73 STRINGS RESPONSIBLE DISCLOSURE POLICY

Vulnerability Disclosure Guidelines

All technology contains bugs. If you've found a security vulnerability, we'd like to help. By submitting a vulnerability to 73 Strings Security Team, you acknowledge that you have read and agreed to these guidelines.

Vulnerability Disclosure Viewpoints

Vulnerability Disclosures should...

Do no harm: Do not take advantage of the vulnerability or problem you have discovered. For example, by downloading more data than necessary to demonstrate the vulnerability or deleting or modifying other peoples data.

Be Responsible: Do not use attacks on physical security, social engineering, (distributed) denial of service, spam, or applications of third parties.

Provide Details: Provide sufficient information to reproduce the problem, so we will be able to resolve it as quickly as possible. Use SECURITY_RESEARCH as code in the subject line while sending the email.

Respect privacy. Make a good faith effort not to access or destroy another user's data.

We Promise

• To respond within 7 business days.
• To respond with our evaluation within 14 business days.
• If you followed the instructions above, we would not take legal action against you regarding your report.
• We will handle your report with strict confidentiality and will never pass on your personal details to third parties without your permission.
• We will keep you informed of the progress towards resolving the problem.

Contact

73 Strings is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to email us at [email protected] 

Copyright © 2024 73 Strings. All rights reserved.