1 Introduction
1.1 Purpose
The purpose of this policy is to define clear rules for the reporting of vulnerabilities to Admin By Request.
This document is applied to the entire scope of the services provided by Admin By Request.
1.2 Scope
This policy encompasses all services and products provided in the Admin By Request platform. We encourage security researchers, users and other stakeholders to report any potential vulnerabilities they discover within the scope of our offerings.
1.2.1 Out of Scope
The following are considered out of scope for this policy:
-
Vulnerabilities that necessitate unrealistic prerequisites
-
Issues resulting from user misconfiguration or misuse of the product/service, such as inadvertently exposing sensitive information due to improper settings or permissions.
-
Bugs in the software that do not pose a security risk, such as minor display errors, cosmetic issues, or non-critical functionality failures.
1.3 Related Articles
This policy may refer to, and should be read in conjunction with, the following:
-
Commitments and responsibilities in ABR's Data Processing Agreement
-
Support provisions in ABR's Terms and Conditions and Customer Support Services
-
Collection, use and disclosure of personal data in ABR's Privacy Policy and Data Privacy Settings
Refer also to ABR's Trust Center documents.
This policy is available in PDF format:
