DECIDER’S VULNERABILITY DISCLOSURE PROGRAM
Effective Date: January 1, 2023
1. WHAT IS A SECURITY VULNERABILITY?
A security vulnerability is a weakness, flaw, or error found within a system that has the potential to be leveraged by a threat agent to compromise the confidentiality, integrity or availability of the system.
Decider values the efforts of and role that the information security community plays to identify new threats and help businesses to protect their information assets. We encourage the reporting of any possible security vulnerabilities that may be found in the Decider’s information assets. Decider takes security seriously and will investigate all reported vulnerabilities. If you have any information about a possible security vulnerability in Decider’s information assets, please let us know right away.
2. HOW TO REPORT A SECURITY VULNERABILITY:
Our vulnerability disclosure program is managed by Bugcrowd. Submissions are subject to Bugcrowd’s Standard Disclosure Terms.
Please send us an email at vdp@decider.com and include relevant information listed under Bugcrowd’s Report a Bug page. We will forward your email to Bugcrowd.
3. PUBLIC NOTIFICATION:
In order to protect our customers, Decider asks that you do not post or share any information about a potential vulnerability in a public setting until we have researched, responded to and addressed the vulnerability.