Responsible Disclosure

Responsible Disclosure Policy

At nference, the security of our systems and data is of utmost importance. We value the input of the security community and encourage ethical hacking to identify potential vulnerabilities. If you have discovered a security issue, we appreciate your help in disclosing it responsibly.

How to Report a Vulnerability

If you believe you have found a security vulnerability in our systems, please follow these steps to report it:

Submission Guidelines

1. Email Your Findings: Send a detailed description of the vulnerability to responsible-disclosure@nference.com. Include the following information:

   - Description of the vulnerability and its potential impact.

   - Steps to reproduce the vulnerability.

   - Any relevant screenshots, videos, or logs.

2. Avoid Public Disclosure: Do not publicly disclose the vulnerability until we have had an opportunity to investigate and address it.

3. Follow Legal Boundaries: Ensure that your testing does not violate any laws or regulations. Avoid any actions that could harm our systems or data, including but not limited to:

   - Attempting to access, modify, or destroy data.

   - Disrupting or degrading our services.

What to Expect

Acknowledgment: We will acknowledge receipt of your report within three business days.

Investigation: Our security team will investigate the reported issue and work to resolve it as quickly as possible.

Updates: We will keep you informed of the progress and may request additional information if needed.

Recognition: When it is deemed to be appropriate, thanks from nference might be expressed monetarily or in the form of a gift and could include public recognition for the reporter.

Safe Harbor

We commit to not pursue legal action against individuals who discover and report vulnerabilities in good faith, provided they adhere to this responsible disclosure policy.

Contact Us

For any questions or to report a vulnerability, please contact our security team at responsible-disclosure@nference.com.

Thank you for helping us keep nference secure.