Vulnerability Disclosure Policy

Vulnerability Disclosure Policy

 

Reporting security issues

If you believe you have discovered a vulnerability in an Inside Real Estate product or have a security incident to report, please send an email to a appsec@insiderealestate.com.

Inside Real Estate requests that the reporter keep any communications regarding the vulnerability confidential. Once we have received a vulnerability report, Inside Real Estate takes a series of steps to address the issue:

1. Investigation and verification – steps are taken to ensure the accuracy of the report, scope, and severity of the vulnerability.

2. Address Issue – Resources are assigned and the security issue is updated or patched in the software. If a fix isn’t feasible, steps to mitigate the problem will be provided.

3. Announce – Inside Real Estate will announce verified vulnerabilities directly to impacted customers. Stating what the issue was and the fix that was implemented to resolve it as well as any mitigation steps as needed. Depending on the severity of the issue, additional announcements may be made on a case-by-case basis which can include: Social Media, our Blog, and various media channels.

Inside Real Estate will endeavor to keep the reporter apprised of every step in this process as it occurs.

We greatly appreciate the efforts of security researchers and discoverers who share information on security issues with us, giving us a chance to improve our products and services, and better protect our customers. Thank you for working with us through the above process.