Section wrapper Block wrapper Block section Main column ----------------- Title ## Dawex commitment on security vulnerabilities
WYSIWYG Dawex security team is committed to verify and solve any discovered potential security vulnerability. Nevertheless, any technology can contain bugs and vulnerabilities can sometimes be present. Dawex truly encourages responsible reporting of any security issue that someone may find on the data marketplace.
If a vulnerability is found, our teams are dedicated to address it quickly and transparently.
Call to action /Action /Main column Secondary column ----------------- Image column Text column /Text / Block section / Block wrapper / Section Section wrapper Block wrapper Block section Main column ----------------- Title ## Our policy on the responsible disclosure of vulnerabilities
WYSIWYG Responsible disclosure is a vulnerability disclosure model in which a vulnerability or an issue is disclosed only after a period of time that allows for the vulnerability or issue to be patched or mended. Dawex philosophy relies on the collaboration between Dawex security team and security researches as follows:
Call to action /Action /Main column Secondary column ----------------- Image column Text column /Text / Block section / Block wrapper / Section Section wrapper Block wrapper Block section Main column ----------------- Title ## Dawex Security Team
WYSIWYG
* Prioritizes efforts to resolve the reported security issues and communicates transparently
* Respects security researchers, giving them public recognition and rewards for their contributions when appropriate
* Does not take any punitive actions against finders
Call to action /Action /Main column Secondary column ----------------- Image column Text column Title ## Security Researchers
WYSIWYG
* Respect the rules and follow the process prescribed by Dawex
* Respect all enforceable data regulations, and strive to respect data privacy
* Assist in clarifying and support their reports when needed and communicate in good faith with the Dawex security team
Call to action /Action /Secondary Text column /Text / Block section / Block wrapper / Section Section wrapper Block wrapper Block section Main column ----------------- Title ## Reporting a vulnerability
WYSIWYG As a Security Researcher, if you believe you have found a vulnerability, please submit your report including a detailed description of your discovery with clear, concise replicable steps or a working proof-of-concept. Please, be as thorough as possible. Dawex security team may contact you for additional details.
To submit a report to the security team, email at: security at dawex.com.
Need to send us sensitive information? Use this PGP public key.
We appreciate your support.
Call to action /Action /Main column Secondary column ----------------- Image column Text column /Text / Block section / Block wrapper / Section Section wrapper Block wrapper Block section Main column ----------------- Title ## Dawex disclosure process
WYSIWYG The content of the report will initially remain non-public to allow the Dawex security team enough time to design, test and publish a remediation. When the vulnerability is closed, public disclosure may be requested by either parties. We encourage a mutual open communication regarding disclosure timelines:
Call to action /Action /Main column Secondary column ----------------- Image column Text column /Text / Block section / Block wrapper / Section Section wrapper Block wrapper Block section Main column ----------------- Title ## The big security picture
WYSIWYG The responsible disclosure of vulnerabilities is part of a larger Dawex effort to ensure our technology provides safe and secure data exchange environments. Our dedication to provide proof, continuity of service, identification, trust and confidentiality is seeped into every aspect of the Dawex Data Exchange Platform.
After obtaining SOC 1 Type I compliance, SOC 2 Type I and SOC 3, Dawex completed SOC 2 Type II Security and Availability Audit Certification in April 2022 — building on our commitment to deliver secure data exchanges.
Call to action Explore our security policy and commitments /Action /Main column Secondary column ----------------- Image column Text column /Text / Block section / Block wrapper / Section
This program crawled on the 2021-04-20 is sorted as bounty.
FireBounty © 2015-2024