How to report a Security Vulnerability
You found a security vulnerability in one of the Talarian products and you want to report it to us. This article explains you our policy in this respect and what is the procedure to report a security vulnerability you discovered in Awesome Table.
No technology is perfect, and Talarian believes that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. If you believe you have found a security issue in one of the Talarian products, we encourage you to notify us at secalert@talarian.io. We welcome working with you to resolve the issue promptly.
Let us know as soon as possible upon discovery of a potential security issue, and we will make every effort to quickly resolve the issue.
Talarian values the members of the independent security research community who find security vulnerabilities and work with us so that security fixes can be issued to all customers. When a fix for the reported security bug is issued, Talarian's policy is to credit all researchers in the Release Notes. In order to receive credit, security researchers must follow this policy’s best practices, including:
- To only interact with accounts you own or with explicit permission of the account holder
- To not disclose the vulnerability to the public or to any third party prior to Talarian releasing a fix for it
- To not disclose specifics of the issue, for example, through exploits or proof-of-concept code
- To refrain from causing any privacy violations, destruction of data, and interruption or degradation of our service
In addition, while researching, we'd like to ask you to refrain from:
- Denial of service
- Spamming
- Social engineering (including phishing) of our staff or contractors
- Any physical attempts against our property
Talarian does not credit employees or contractors of Talarian and its subsidiaries for vulnerabilities they have found.