Security and privacy of our users is very important for us. We take utmost care to ensure that our systems are protected and our developers strive to write secure code. We realize that there is no silver bullet when it comes to security and there are times when security bugs sneak through despite our best efforts. We ensure that all security issues reported are reviewed and resolved promptly.
Reporting a security issue
We would like to foster a culture of collaboration to achieve better security and make the internet a better place. If you believe that you have found a security issue that can adversely impact Digidukan Media’s systems, please do contact our security team at firstname.lastname@example.org. A member of our security team will reach out to you and will work with you to validate, qualify and resolve the issue.
Our expectations from you:
A detailed description of the issue
Steps to reproduce the issue
You will follow responsible disclosure guidelines (see below)
No malicious activities (**)
Our promise to you:
Prompt acknowledgement of the report (within 2 business days)
Transparency throughout the process
An environment conducive of collaboration
Adequate mitigation of the issue
Recognition of your efforts (if you are the first one to report the issue)
We at Digidukan Media believe that with great knowledge comes great responsibility. We expect that you will give us reasonable lead time to respond to your report before making any information public and that you will make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research. We will reciprocate the gesture by working with you to mitigate the issue to the satisfaction of both parties. We would prefer that interested researchers coordinate their efforts with our security team, so that we can avoid any untoward incidents that could affect confidentiality, integrity or availability of Digidukan Media’s systems.
We classify malicious activities as follows
Any kind of DoS attack
Deliberate attempts at harming Digidukan Media systems
Introduction of backdoors/Trojans/malware in Digidukan Media systems
Attempts to breach confidential data
All attempts to cause harm to Digidukan Media’s systems and data and that do not follow responsible disclosure will be pursued legally to the full extent permitted by law.