Responsible Disclosure Policy

Effective date: Dec 13, 2023

 

Saleshandy takes the security of its systems seriously and values the security community. The responsible disclosure of security vulnerabilities helps Saleshandy in ensuring the security and privacy of its users.

 

Disclosure Policy

 

We ask that you do not share or publicize an unresolved vulnerability with/to third parties. If you submit a vulnerability report, the Saleshandy security team and associated development teams will use reasonable efforts to investigate all legitimate reports and do our best to quickly fix the problem.

When conducting security testing, make sure not to violate our privacy policies, modify/delete unauthenticated user data, disrupt production servers, or to degrade the user experience.

 

Scope

 

Salesgandy product scope limits to,

 

      • saleshandy.com
      • my.saleshandy.com
      • app.saleshandy.com

 

Qualifying Security Bugs

 

All bugs that are reported are qualified based on its impact on customer’s production data. We will consider other security vulnerabilities if it is making an impact and exploitable with a working non-intrusive POC.

 

How to report a security vulnerability?

 

If you believe you’ve found a security vulnerability in Saleshandy then please send it to us by emailing [email protected]. Please include the following details with your report: Description of the location and potential impact of the vulnerability; A detailed description of the steps required to reproduce the vulnerability (POC scripts, screenshots, and compressed screen captures are all helpful to us);

 

Hall of Fame

 

At Saleshandy, we use our Hall of Fame program to recognize people who have responsibly shared one or more security vulnerabilities, enabling us to serve our customers better.

 

    • Muhammad Hammad
    • Anderson Mcckay
    • Tayyab Sial
    • Muhammad Asad
    • Varun PK
    • Sushant Soni
  •  

Trusted by users as a top market leader

G2 Star Group4.6 out of 5 on G2
badge-group
Enter valid email
Time Calender Req Card