Vulnerability Disclosure Policy

Redstor is committed to designing secure and safe products that do not permit the exposure of information.

Vulnerability Disclosure Policy

Redstor is committed to designing secure and safe products that do not permit the exposure of information.
Improving the security of Redstor’s products and services

Redstor values the work done by security experts and supports a coordinated approach to improve responsibly the security of all products and services.

Redstor is dedicated to working with the security research community to investigate, reproduce and where practical, address any legitimate reported vulnerabilities. The community is actively encouraged to participate in Redstor’s responsible reporting process.

If you are a security expert and would like to report a security vulnerability, please send an email to: [email protected] Provide your name, contact information, and company name (if applicable) with each report.

Responsible disclosure guidelines

Redstor will investigate legitimate reports and make every effort to address quickly any vulnerability discovered. To encourage responsible reporting, Redstor will work alongside you to address legitimate reports if you comply with the following Responsible Disclosure Guidelines (RDG):

  • Provide details of the vulnerability, including information needed to reproduce and validate the vulnerability
  • Make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of Redstor’s services
  • Do not modify or access data that does not belong to you
  • Give Redstor a realistic timeframe to correct the issue before making any information public

Redstor will attempt to respond to your report within three business days.