Policies
Security policy
Introduction
This Security Policy outlines FirstQuadrant Inc.’s (“FirstQuadrant”, “we”, “us”, or “our”) approach to security and how we handle security-related reports and vulnerabilities.Our commitment to security
We take security seriously and are committed to protecting our users’ data and maintaining the security of our services. We implement industry-standard security measures and regularly review and update our security practices.Security reporting
We do not currently operate a bug bounty program. However, we welcome responsible disclosure of security vulnerabilities. If you discover a security vulnerability in our services, we encourage you to report it to us directly.How to report security issues
If you find a security vulnerability, please:- Email your findings to [email protected]
- Provide detailed information about the vulnerability
- Include steps to reproduce the issue
- Share any relevant proof-of-concept code or screenshots
- Do not publicly disclose the vulnerability until we have had a chance to address it
What to expect
Upon receiving your report, we will:- Acknowledge receipt of your report within 48 hours
- Investigate the reported vulnerability
- Keep you informed of our progress
- Work to resolve the issue as quickly as possible
- Credit you in our security acknowledgments (unless you prefer to remain anonymous)
Guidelines for responsible disclosure
When reporting security issues, please:- Do not attempt to access or modify user data
- Do not attempt to disrupt our services
- Do not share or publish the vulnerability until we have addressed it
- Do not attempt to exploit the vulnerability beyond what is necessary to demonstrate it
- Provide clear, detailed information about the vulnerability