Responsible Disclosure Policy
At FFO, we take the security of our systems and the privacy of our users very seriously. We appreciate the efforts of others in helping us maintain a safe and secure environment for everyone. If you have discovered a security vulnerability in any of our systems, we encourage you to report it to us so we can take steps to address it as quickly as possible.
- If you have identified a security vulnerability, please reach out to us immediately by sending an email to email@example.com. Please refrain from publicly disclosing the issue until we have had the opportunity to investigate and address it.
- In your report, please include a detailed description of the vulnerability, along with any steps or proof necessary to replicate it. This information will help our team understand and address the issue more effectively. Usually, the IP address or the URL of the affected system and a description of the vulnerability will be sufficient, but complex vulnerabilities may require further explanation.
- We kindly request that you do not disclose the vulnerability publicly until we have had sufficient time to investigate and resolve it. We are committed to working diligently to resolve all reported issues as fast as possible.
- We expect you to act ethically and in good faith. Please refrain from taking advantage of the vulnerability for any malicious purpose, unauthorized access, or any other actions that could harm FFO, its users, or any third parties. The primary goal of responsible disclosure is to improve security, and we appreciate your cooperation in achieving this objective.
- We will respect and value your efforts in helping us improve our security. As such, we will not pursue legal action against individuals who follow this policy in reporting vulnerabilities.
- We are open to acknowledging and giving credit to you for your responsible disclosure. If you wish to be recognized, please let us know when reporting the vulnerability.
Thank you for your commitment to the security of FFO and its users. We appreciate your cooperation in maintaining a safe online environment.