skip to Main Content

SOLIDitech Vulnerability Disclosure Policy

Vulnerability Disclosure

SOLIDitech is committed to reporting and addressing security issues through a coordinated and constructive approach, designed to give the greatest protection for our customers. Whether you’re a SOLIDitech staff member or customer, a software developer, or just a security conscious member of the online community, you are an important contributor to this process.

Reporting a Security Issue to SOLIDitech

You may contact the SOLIDitech Security Team by sending email to security@soliditech.com under the following circumstances:

  • You have identified a potential security vulnerability with one of our platforms
  • You have identified a potential security vulnerability with one of our services

Once we have received a vulnerability report, SOLIDitech will take the following steps to address the issue:

  • SOLIDitech requests that the reporter keep any communication regarding the vulnerability confidential for security purposes.
  • SOLIDitech will investigate and verify the vulnerability.
  • SOLIDitech will address the vulnerability and release an update or patch to the software. If for some reason this cannot be done quickly or at all, SOLIDitech will provide information on recommended mitigations.
  • SOLIDitech will publicly announce the vulnerability in the release notes of the above mentioned update.
  • SOLIDitech may also issue additional public announcements, for example via social media, our blog, and other media channels.

SOLIDitech will endeavour to keep the reporter informed of every step in this process as it occurs.

SOLIDitech appreciates the efforts of security researchers and discoverers who share information on security issues with us. These reporters allow us the opportunity to improve our products and services, and better protect our customers. Thank you for working with us through the above process.

The security@soliditech.com address is intended ONLY for the purposes of reporting product or service security vulnerabilities. It is not intended for technical support, sales, or any other communication.

Back To Top