Vulnerability Disclosure Policy

If you believe you have discovered a vulnerability in a Psychz Networks's product or have a security incident to report, please submit a ticket by registereing at https://www.psychz.net/dashboard/client/web/site/signup or contact us without the sign up process - https://www.psychz.net/contact.html.

If you feel the need, please use our PGP public key to encrypt your communications with us. Please request the PGP public key in your initial contact with us. 

Once we have received a vulnerability report, Psychz Networks takes a series of steps to address the issue:

1. Psychz requests the reporter keep any communication regarding the vulnerability confidential.
2. Psychz investigates and verifies the vulnerability.
3. Psychz addresses the vulnerability and releases an update or patch to the code.
4. Psychz publicly announces the vulnerability in the release notes of the update via client dashboard.  Release notes (and blog posts when issued) include a reference to the person/people who reported the vulnerability, unless the reporter(s) would prefer to stay anonymous.

We greatly appreciate the efforts of security researchers and discoverers who share information on security issues with us, giving us a chance to improve our products and services, and better protect our customers.  When properly notified of legitimate issues, we’ll do our best to acknowledge your emailed report, assign resources to investigate the issue, and fix potential problems as quickly as possible.