If you've found a security vulnerability in a Disruptive Technologies product, this article explains how to report it safely and securely.
Who is this article for?
Security researchers or anyone who has discovered a potential security vulnerability in a Disruptive Technologies product and wants to report it responsibly.
What do you need?
- Details about the security vulnerability you've found
- A PGP encryption tool if you need to send sensitive information (recommended)
How to report a security issue?
To report a security vulnerability, follow these steps:
- Send an email to security@disruptive-technologies.com describing the security vulnerability you've found.
- If your report contains sensitive information, encrypt it using the Disruptive Technologies security team's PGP public key before sending. You can download the key here: Public key
The engineering team at Disruptive Technologies thoroughly investigates all reports.
Troubleshooting / FAQ
Q: Why should I encrypt my report?
A: If your report includes sensitive details about a vulnerability, such as exploit steps or access credentials, encrypting the email with the team's PGP public key ensures that only the Disruptive Technologies security team can read it. This protects the information while it's in transit.
Q: What happens after I submit my report?
A: The Disruptive Technologies engineering team will review your report and investigate the vulnerability. You can expect a response via email.