Responsible Disclosure

If you are a security expert or researcher, and you believe that you have discovered a security related issue with Deskpro’s online systems, we appreciate your help in disclosing the issue to us responsibly. We ask the security research community to give us an opportunity to correct a vulnerability before publicly disclosing it.

Reporting:

Please share the details of any suspected vulnerabilities with the Deskpro Security Team by sending an email to security@deskpro.com (click here for our PGP key). When reporting any suspected vulnerabilities, please include the following information:

• Vulnerability details with information to replicate the issue
• Your email address
• Your name as it should be displayed on our site if you would like us to acknowledge your discovery
• Your Twitter handle or website as it should be displayed

Our Commitment:

• Promptly acknowledge receipt of your vulnerability report
• Provide an estimated time for resolution of the vulnerability
• Notify you when the vulnerability is fixed
• Publicly acknowledge your responsible disclosure

Special Thanks

We wish to thank the following security researchers:

• Yashar Shahinzadeh
• Raja Uzair Abdullah
• Vanshit Malhotr
• Rohan Kumar Birtia @c0ld_b00t3r
• Osama Ansari @AnsariOsama10
• Simone Memoli
• Shahmeer Amir @Shahmeer_Amir
• Babar Khan Akhunzada
• Ali Kabeel
• Hamid Ashraf
• Hammad Shamsi @HammadShamsii
• Salman Khan Champion Dezign Burg
• Owais Ahmed Siddiqui
• Nitin Goplani
• Shahzee Mirza @shaheemirza
• Daksh Patel @Dakshxss
• Shivam Kumar Agarwal @netanalysts
• Ankit Bharathan @provensec