To learn more about our security program at Lean Factor and find security compliance artifacts, please reference our Security Status Page below:
Reporting Security Issues
If you believe you have discovered a vulnerability in an Lean Factor product or have a security incident to report, contact us at firstname.lastname@example.org. When researching a potential vulnerability in an Lean Factor product, please adhere to and remain cognizant of the following rules of the road:
- Do not exploit any Lean Factor product beyond what is necessary to provide Lean Factor with the steps to replicate the potential vulnerability. Practically, this means not compromising accounts, downloading data, or causing denial of service or destructive outcomes.
Once we have received a vulnerability report, Lean Factor takes a series of steps to address the issue:
- Lean Factor requests the reporter keep any communication regarding the vulnerability confidential.
- Lean Factor investigates and verifies the vulnerability using the reporter’s detailed instructions to replicate.
- Lean Factor addresses the vulnerability, which may include patching the requisite software or system, or using compensating controls to mitigate any harm.
- Lean Factor will endeavor to keep the reporter apprised of the outcome of their report and at that time, shall provide consent to the reporter’s publication of the vulnerability.
We greatly appreciate the efforts of security researchers and discoverers who share information on security issues with us, giving us a chance to improve our products and services, and better protect our customers. Thank you for working with us through the above process.