VULNERABILITY DISCLOSURE PROGRAM
LeadGnome takes security issues very seriously and recognize the importance of privacy, security, and community outreach. As such, we are committed to addressing and reporting security issues through a coordinated and constructive approach designed to drive the greatest protection for technology users. Whether you’re a user of LeadGnome solutions, a software developer, or simply a security enthusiast, you’re an important part of this process.
Reporting security issues
If you believe you have discovered a vulnerability in the LeadGnome service or have a security incident to report, please send email to firstname.lastname@example.org.
Once we have received a vulnerability report, LeadGnome takes a series of steps to address the issue:
- LeadGnome requests the reporter keep any communication regarding the vulnerability confidential.
- LeadGnome investigates and verifies the vulnerability.
- LeadGnome addresses the vulnerability and releases an update or patch to the software. If for some reason this cannot be done quickly or at all, LeadGnome will provide information on recommended mitigations.
- LeadGnome publicly announces the vulnerability on our blog.
- Blog posts include a reference to the person/people who reported the vulnerability, unless the reporter(s) would prefer to stay anonymous.
LeadGnome will endeavor to keep the reporter apprised of every step in this process as it occurs.
We greatly appreciate the efforts of security researchers and discoverers who share information on security issues with us, giving us a chance to improve our products and services, and better protect our customers. Thank you for working with us through the above process.