Responsible Disclosure Policy

Modified on Wed, 1 Nov, 2023 at 1:49 PM

Overview

Network Wealth is committed to protecting and keeping secure the information of our users and stakeholders in delivering the services within our Product. No matter how much effort we put into the prioritization of security and privacy, we acknowledge that vulnerabilities may still be present.

If you have discovered a vulnerability in our Product, we encourage you to report it to us in accordance with our Responsible Disclosure policy below and help us better protect our clients and systems.


Guidelines

We ask that any discovery of vulnerabilities follow these guidelines (the “Guidelines”):

  • Vulnerabilities should be reported using only your own authenticated account for the Product under which you are allowed to have access, you are not permitted to 
  • Do not use attacks on physical security, social engineering, distributed denial of service (DDoS), spam, or applications of third-parties
  • Do not test for vulnerabilities in a way that would degrade the operation of the services provided by the Product
  • E-mail the details of any suspected vulnerabilities to [email protected] including steps to reproduce 
  • Include as much information as possible in your steps to reproduce, including but, not limited to: IP addresses, URLs, and a description of the problem
  • Do not take advantage of the vulnerability discovered, for example, by downloading or accessing more data than is necessary to report the vulnerability
  • Do not reveal the vulnerability with others until it is resolved
  • Do not request compensation for submission of the suspected vulnerability

Our Promise

We promise to:

  • Respond to reports within three (3) business days, including our evaluation of your report and an estimated resolution date
  • Treat your report with the utmost confidentiality, and not disclose your personal information to third parties without your consent
  • Not take legal action against you, provided you have followed the Guidelines above
  • Keep you informed of the progress towards resolution of the identified vulnerability
  • Name you as the discoverer of the vulnerability when releasing information publicly, unless you desire otherwise

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article