REQUEST A DEMO 1-855-367-2962
Responsible Disclosure Policy

Responsible Disclosure Policy


NDS Systems is committed to securing our system, application and client information. However, there are times that vulnerabilities can escape detection. In the event of one of these potential security vulnerabilities are identified, please report the us immediately so that we may take the appropriate measures to protect our clients. We appreciate the assistance in our security efforts.


REPORTING

Please submit your report to responsibledisclosure@cyncsoftware.com. Include a detailed summary of the vulnerability, including the target, steps, tools, artifacts, time/method used during the discovery and the necessary steps for reproducing the vulnerability. If you have any screen captures available please include them as well. We would like to contact you about the assessment and the progress of the vulnerability solution so please leave your contact information.


POLICY GUIDELINES

  • Do not share information about the security vulnerabilities with a third party or disclosed publicly until NDS Systems’ has been able to resolve the problem.
  • Be responsible with the knowledge about the security problem. Do not engage in any actions beyond what is necessary to demonstrate the security problem that could potentially stop or degrade our services or assets.
  • Do not store, share, compromise or destroy confidential data obtained through the vulnerability in the system.
  • Do not engage in any activity that violates any federal or state laws or regulations.

By responsibly submitting your findings to NDS Systems in accordance with the stated guidelines, NDS Systems agrees not to pursue legal action against you. However, NDS Systems reserves all legal rights in the event of noncompliance with these stated guidelines.


REWARDS / BUG BOUNTY

NDS Systems does not operate a bug bounty program. Therefore, we will make no offer of reward or compensation in exchange for submitting potential security vulnerabilities. We do however thank you for your submission and again appreciate your assistance in our security efforts.


OUT OF SCOPE VULNERABILITIES

These vulnerabilities, we feel, are out of scope for our Responsible Disclosure Policy:

  • Physical Testing
  • Phishing
  • Denial of service attacks
  • Resource exhaustion attacks

Reviewed 5/19/22