Customer security is of paramount importance to CloudCheckr.
We are committed to aggressively investigating all reported vulnerabilities. Listed below are the CloudCheckr policies and procedures for addressing potential vulnerabilities within our services.
We encourage you to report the suspected vulnerability.
If you believe you have discovered a vulnerability in CloudCheckr, please email our security team. As much as possible, please provide supporting information to help us understand the vulnerability and its severity. You will receive an email acknowledging our receipt of your report.
We thoroughly investigate all reports.
We are committed to investigating and researching all reports. Every report is internally tracked until resolution. Using your report, we will attempt to reproduce the vulnerability.
If we are able to reproduce the issue, we will notify you, publicly disclose the issue, and present a mitigation plan.
If we are unable to reproduce the issue, we will contact you for additional information. Upon receipt, we will again attempt to reproduce the issue. If we are still unable to validate or reproduce the issue, we will promptly notify you.
We ask that you not publicly disclose the vulnerability until we have had an opportunity to investigate and respond.
We want to protect our customer data and ask that you not jeopardize their data security. If you would like more details regarding our internal tracking and response mechanisms, please email our security team. One of team members will be happy to discuss your concerns.