Login

Security Policy

Responsible Disclosure

We take the security of our systems seriously, and we value the security community. The responsible disclosure of security vulnerabilities helps us ensure the security and privacy of our users.

Guidelines

  • Please provide detailed reports with reproducible steps. If you have a fix, that is very helpful, but please do not feel obligated to provide one.
  • Submit your report to security@ibrief.co and include the word "SECURITY" in your subject line.
  • Do not take advantage of the vulnerability or problem you have discovered.
  • Do not reveal the vulnerability to others until it has been fixed.
  • Do not use attacks on physical security, social engineering, denial of service, spam, or applications of third parties.

What We Promise

  • We will respond to your report within 3 business days with our evaluation and expected resolution.
  • We will handle your report with strict confidentiality, and not pass on your personal details to third parties without your permission.
  • We will keep you informed of the progress towards resolving the problem.
  • In the public information concerning the problem reported, we will give your name as the discoverer of the problem (unless you desire otherwise).