Responsible Disclosure Policy
Helping us build a safer internet together. We value the security research community's contributions in making our products and systems more secure.
Report a Vulnerability
to Briskinfosec
Although our team of Security Engineers are making every effort to mitigate all the Vulnerabilities in our applications and systems, Briskinfosec invites independent security groups and individual researchers to find and report vulnerabilities in our systems and applications to help us make it even safer for our Clients.
It is our mission to keep our Clients safe online by providing secure products to protect them and maintain their privacy. We constantly monitor and test our applications and systems but are aware that as a global Cyber Security company, we will always be a target for cybercriminals.
If you discover a vulnerability in our products, website, or system, we appreciate your cooperation in responsibly investigating and reporting it to us so that we can address it as soon as possible. We take all reports regarding a security issue seriously and will work with you to thoroughly analyze your findings.
Report any indications for a potential security vulnerability to Briskinfosec by emailing:
contact@briskinfosec.comYou can submit the vulnerability report anonymously if you don't want to disclose your identity.
Secure Together with Briskinfosec
Guidelines & Rules
To ensure responsible and ethical disclosure, all researchers must adhere to the following guidelines when reporting vulnerabilities.
Respect Privacy & Services
Don't violate the privacy of other Client users, destroy data, disrupt our services (Website pentest), etc.
Provide Detailed Reports
Provide detailed information about your findings with proper explanation about the vulnerability, its business logic impacts and steps to reproduce the issue (including available indications, for example, IP addresses, logs, screenshots).
Do Not Exploit
Do not take advantage of the vulnerability or the problem you have discovered - for example: attempts to exploit vulnerability that disrupts the business flow of applications, tampering with client data for demonstrating the vulnerability, etc. In such cases, Briskinfosec has the authority to take legal action and disqualify your report.
No Public Disclosure
Do not disclose information about the vulnerability publicly until we have taken action to fix it completely.
Our Commitment to You
Once you report a vulnerability to us, we will respond within five business days to work with you on evaluating the issue and determining next steps.
5 Business Days
Initial response time guaranteed for every vulnerability report submitted to our security team.
Strict Confidentiality
We will handle your report with strict confidentiality and will not pass any of your details to any third party without your explicit permission.
Regular Updates
We will keep you informed of progress as we resolve the issue, ensuring full transparency throughout the process.
Hall of Fame Recognition
If eligible for hall of fame, with your permission, we will credit you by giving your name as the discoverer of the problem (unless you do not want us to), and you will be a proud member of Briskinfosec's Responsible Disclosure Hall of Fame.