Vulnerability Disclosure

 

Daxko is committed to high security standards to assure our customer data is protected. This policy allows Daxko to partner with our clients to secure our corporate systems and applications while providing clear guidelines on how to submit discovered vulnerabilities to us.

Please note that all Daxko systems are deemed private and confidential. You must obtain written consent prior to scanning or conducting vulnerability research on any Daxko networks or applications. Provided however, if in the course of your interactions with our systems as a Daxko customer you notice security vulnerabilities, we encourage you to report the vulnerability using this page as well. Your report will be forwarded to the appropriate parties for timely acknowledgement and verification. Verified issues will then be passed to our development teams for remediation on a timeline commensurate with the severity of the issue. Please note that you are expected to engage in security research responsibly and without any disruption to Daxko’s systems or customers’ experience.

Daxko does not operate a bug bounty program and does not authorize vulnerability research without prior consent under any circumstances. By submitting a vulnerability, you acknowledge that you have no expectation of payment and waive any future pay claims against Daxko related to your submission.

If you are a client of Daxko and wish to inquire about guidelines, scope and test methods authorized or have any other questions regarding vulnerability disclosure, please contact us by clicking the link below.