SECURITY VULNERABILITY REPORTING POLICY

HYPERVIEW SECURITY VULNERABILITY REPORTING POLICY

Date Last Updated: July 17, 2019

Hyperview is committed to working with the security research community to verify, reproduce and respond to legitimate reported vulnerabilities. We value the community’s feedback on our products and services.

To report a security vulnerability please send an email to: vulnerability@hyperviewhq.com. We ask you to provide the following details with each report:

  • Your name
  • Contact information
  • Company name (if applicable)

We will prioritize encrypted reports. Please include your PGP public key with such reports.

Download the Hyperview PGP key.

Disclosure Guidelines
The Hyperview security team will investigate legitimate reports and make every effort to quickly correct any vulnerability.
We encourage and respect responsible reporting and will not take legal action against you or ask law enforcement to investigate you if you comply with the following Disclosure Guidelines:

  • Provide full details of the vulnerability, including information needed to reproduce and validate the vulnerability and a Proof of Concept (POC)
  • Make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our services
  • Do not modify or access data that does not belong to you
  • Give us a reasonable time to correct the issue before making any information public

We will attempt to respond to your report within 1-2 business days.

Contact Us
Please contact us if you have any questions or comments about our security vulnerability reporting or this Policy. You can reach us online at info@hyperviewhq.com.