Responsible Disclosure Policy

documents

Stessa is deeply committed to the security of our services and our users’ information.

Stessa will engage with security researchers who voluntarily report vulnerabilities to us in accordance with this Responsible Disclosure Policy. If you are a security researcher and have discovered a security vulnerability in one of our services, we appreciate your help in disclosing it to us in a responsible manner. Please note that we are not able to offer compensation for these disclosures. Although we cannot offer compensation, we are happy to cooperate with you if any third party initiates action against you in connection with the activities you undertake to disclose this information in compliance with this policy.

Prohibited Actions

Stessa prohibits individuals from accessing, downloading or modifying data residing in any account that does not belong to that individual. The following actions are also prohibited:

  • Executing or attempting to execute any denial of service attack;
  • Knowingly posting, transmitting, uploading, linking to, sending, or storing any malicious software on or through Stessa services;
  • Sending or causing the sending of spam messages or other unsolicited messages to users;
    Testing in a manner that would degrade the operation of our services; or
  • Any other testing that violates applicable law or our  Terms of Service.

Reporting

Please share the details of any suspected or detected vulnerabilities with the Stessa Security Team by emailing [email protected]. For the security of our users and service, we ask that you do not publicly disclose these details without express written consent from Stessa. In reporting any suspected vulnerability, please include the following information:

  • Your name and email address;
  • Vulnerability details with information to allow us to efficiently reproduce your steps

If we verify a security vulnerability that you report to us in compliance with this Policy, we will endeavor to quickly acknowledge the receipt of your report.

Thank you for helping keep Stessa and our users safe!