Privacy Policy for Personal Data
24i understands the importance of security in our products. We believe that the responsible disclosure of any security vulnerabilities identified by security researchers plays an important role in how we conduct our business.
24i accepts vulnerability reports from all sources including independent security researchers, industry partners, vendors and customers. We define a vulnerability as a flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system’s security policy.
24i asks security researchers to share details of any suspected vulnerabilities via email to disclosure@24i.com. If you feel the need, please use our PGP public key to encrypt your communication with us.
At a minimum please include the following information with your initial submission:
24i will acknowledge submitted reports within 3 working days. 24i asks that all parties respect a 90 day hold-off period before making full disclosure.