Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.

Gallery

Contacts

411 University St, Seattle, USA

[email protected]

+1 -800-456-478-23

Twitter Facebook-f Pinterest-p Instagram

Vulnerability Disclosure

Velocity Vulnerability Disclosure Program

At Stern Security, the security of our systems, our customers’ data, and the Velocity platform is our top priority. We understand that despite our best efforts, no security system is impenetrable. As such, we value the security community’s efforts in making the internet a safer place and encourage responsible disclosure of any vulnerabilities within our systems.

Reporting a Vulnerability:

We ask that any security researcher or user who believes they have discovered a potential security vulnerability in Velocity please send their findings to help[at]sternsecurity.com. To help us assess the nature and scope of the issue, please include the following information with your report:

  • A clear and concise description of the potential vulnerability.
  • Steps to reproduce the issue (Proof of Concept scripts or screenshots are helpful).
  • Any relevant URLs or other information that could be helpful in our investigation.
  • Your contact information so we can communicate with you about the issue.

Our Commitment:

Upon receiving a vulnerability report, Stern Security commits to the following:

  • Acknowledgement of receipt of your report within two business days.
  • A thorough investigation of the issue, followed by an assessment of the impact.
  • Timely updates on our progress toward resolving the vulnerability.
  • An open line of communication with the reporting individual or entity.

Recognition:

We believe in recognizing the efforts of those who responsibly disclose vulnerabilities to us. While we do not currently have a monetary bounty program, we are committed to publicly acknowledging the contributions of security researchers who help keep our platform safe (unless anonymity is requested).

Legal:

Stern Security pledges not to initiate legal action against individuals who submit vulnerability reports through our Vulnerability Disclosure Program (VDP) and who follow the guidelines for responsible disclosure outlined above. We ask that researchers:

  • Do not access or modify user data without permission.
  • Avoid degradation of Velocity services, including Denial of Service attacks.
  • Keep the details of any vulnerabilities confidential until we have been able to address them.

Contact:

For any questions or submissions regarding our Vulnerability Disclosure Program, please contact us at help[at]sternsecurity.com.

Thank you for helping to keep Velocity and our users safe.