Last updated on October 16, 2023

ACCEPTANCE TO DISCLOSURE TERMS

By using our platform, you accept our Disclosure Terms, including our Terms and Conditions and Privacy Policy. If you do not agree, you should not proceed in accessing our platform and submitting security vulnerability information.

DEFINITION OF TERMS

• Cybersecurity Researcher (Hunter). They are commonly known as hackers, white hat hackers, or bug bounty hunters who use the Secuna platform to provide security vulnerability information to different security programs.
• Security Programs. Security Teams may launch a Security Program and publish a policy designed to guide hunters in finding security vulnerabilities into a particular service or product. If this security program is private, your participation is entirely optional and subject to non-disclosure by default.
• Security Team. A team of individuals responsible for addressing a product or service's security issues. Depending on the circumstances, this could be an organization's formal security team, Secuna’s security team, a group of volunteers of an open-source project, or an independent volunteer.
• Security Vulnerability. A software bug that would allow a hunter to perform penetration testing.
• Security Vulnerability Information. A bug report or other security vulnerability information, in text, graphics, image, audio, video, software, hardware, works of authorship of any kind, and information or other material that hunters provide or otherwise made available to a Customer through participation in a security program from the Secuna platform.

Security is core to our values, and we value the input of hunters acting in good faith to help us maintain a high standard for the security and privacy for our users. This includes encouraging responsible security vulnerability research and disclosure. This policy also sets out our definition of good faith in the context of using our platform, interacting with different users, finding and reporting security vulnerabilities, as well as what you can expect from us in return. To avoid any confusion, we ask you:

• To play by the rules. This includes following this policy, as well as any other relevant terms or agreements, including the standards set forth by the Security Teams. If there is any inconsistency between this policy and any other relevant terms, the terms of this policy will prevail;
• To be kind and cordial at all times. Any form of harassment, abusive language, profanity, or threats will not be tolerated in our platform nor tolerate any discrimination based on race, ethnicity, nationality, level of experience, personal and physical appearance, age, religion, gender identity and orientation, political beliefs, or others.
• To report any security vulnerability you’ve discovered;
• To make a reasonable faith effort to avoid violating the privacy of others, disrupting our systems, destroying data, and/or harming user experience;
• To keep the details of any discovered security vulnerabilities confidential until they are resolved, according to the Disclosure Terms;
• To maintain communication on our platform. Secuna is not liable for any damage caused by communicating or disclosing security vulnerability information outside the platform. So, please do not use emails, social media accounts, or other private ways to communicate with a member of a security program in regards to security vulnerabilities or any related issues, unless they instruct you to do so.
• To not engage in extortion. Any attempt to obtain bug bounties, money, or services by coercion is strictly prohibited. If you know or have information about a potential security vulnerability or inadvertently come into possession of private data, please promptly ethically initiate the disclosure process as described below.