Wearsafe Vulnerability Disclosure Policy

Wearsafe Vulnerability Disclosure Policy

 

We take security, privacy, and transparency seriously. Wearsafe appreciates your effort to help us all build a better, more secure IoT platform.

If you have discovered a vulnerability in the Wearsafe product or another serious security issue, please submit it to [email protected]

Maintaining the security, privacy, and integrity of our platform and connected-devices is a priority at Wearsafe. Therefore, Wearsafe appreciates the work of security researchers to improve our IoT platform and we are committed to creating a safe, transparent environment to report vulnerabilities.

If you believe you have found a security vulnerability that could impact Wearsafe or our users, we encourage you to report this right away. We will investigate all legitimate reports and fix the problem as soon as we can. We ask that you follow Wearsafe’s Vulnerability Disclosure Policy and make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service during your research.

Services that Wearsafe provides or any Wearsafe-connected product are in scope.

The following conditions are out of scope for the Vulnerability Disclosure Program:

  • Any vulnerability obtained through the compromise of a Wearsafe customer or employee accounts.
  • Missing Best Practice, Configuration or Policy Suggestions.
  • Any Denial of Service (DoS) attack against Wearsafe and our products.
  • Physical attacks against Wearsafe employees, offices, and data centers.
  • Social engineering of Wearsafe employees, contractors, vendors, or service providers.
  • Knowingly posting, transmitting, uploading, linking to, or sending any malware.
  • Pursuing vulnerabilities which send unsolicited bulk messages (spam) or unauthorized messages.

Due to the Children’s Online Privacy Protection Act (COPPA), we cannot accept submissions from children under the age of 13.