top of page

Security Vulnerability Reporting

We've designed our infrastructure and services for security, to protect our customers and their data. But if you discover a security vulnerability with any of our products, control panels, or other infrastructure, we want to know.

​

Reporting process

Security issues within our product offerings take a very high priority. We want to work with you to understand the scope of the vulnerability and ensure that we correct the problem fully.

​

1. Report a vulnerability by notifying us at security@seceng.com. (If needed, you can encrypt your email using our public PGP key.) Please provide detailed information about the following:

  • The product, control panel, or infrastructure involved.

  • The steps required to reproduce the issue. Please provide scripts/requests, if possible.

  • The impact of the vulnerability and how it can be exploited.

  • ​

Remember to use discretion when reporting issues and respect our customers’ and users’ data and privacy.

​

2. Once we receive your report, we will contact you to confirm we have received it. We may also contact you for additional information, as we investigate the issue.

​

3. Please do not post or share any information about a potential security vulnerability in any public setting until we have researched, responded to, and addressed the reported vulnerability and informed customers, if needed. Our products are complex, and reported security vulnerabilities will take time to investigate, address, and fix.

​

Security disclosure and notifications

For the protection of our customers, Security Engineering Inc. does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches, fixes, or releases are available. Security Engineering Inc. usually distributes security disclosures and notifications through blog posts and customer support portals.

 

Note: While we sincerely appreciate reports for vulnerabilities of all severity levels, this listing is reserved for people who have reported previously unknown vulnerabilities, which Security Engineering Inc. has determined to be of a high or critical severity, or in cases where there has been continued research or other contributions made by the person.

​

Having trouble with an account?

If you’re a Security Engineering Inc. customer and you’re having difficulty accessing your account, or if you believe your account has been accessed without your authorization, please contact our support team.

bottom of page