Silvair security vulnerabilities reporting

Silvair acknowledges the valuable role that independent security researchers play in internet security. As a result, we encourage responsible reporting of any vulnerabilities that may be found in our products or applications.

Reporting

To report security issues that affect Silvair products or web services, please contact: support@silvair.com. For the protection of our customers, Silvair generally does not disclose, discuss, or confirm security issues until a full investigation is complete and any necessary patches or releases are available.

Please note: Silvair is not running any Bug Bounty program, so there is no compensation for reporting bugs.

However, we really appreciate your report and we thank you for your contribution in making our Platform more secure!

Response and notifications

Silvair is committed to acknowledge receipt of all submitted reports within 2 business days. In some instances, acknowledgement of receipt may be delayed due to company or national holidays. In those cases, Silvair will make every attempt to respond within the 2-day window upon the resumption of normal business activities.

After receipt of a report of a vulnerability, we will determine which products are affected and what the severity of the vulnerability is. Silvair will provide feedback to the reporter of the vulnerability and work with them to fix the issue. Silvair will release a fix or propose a workaround for the reported vulnerability usually within 2 weeks but in certain cases the time may be longer and will be proposed on a case-by-case basis. The fix may be a new release of the product or a patch for existing application/system (depending on product affected).