+44 (0) 1509 611 341
Telephone Search Select country UK

Reporting vulnerabilities

reporting vulnerabilities

Security vulnerabilities exist in any software or hardware implementation and therefore the team at Impero is fully committed to working with customers, security researchers and others who wish to offer up improvement ideas, new feature requests or information on perceived security vulnerabilities.

Anyone who has a product improvement or discovers a site or product flaw is encouraged to notify us using the guidelines in 1. below, our objectives being to maintain customer security to balance the achievement of a timely fix with assuring the quality of the work undertaken to achieve it and ensure a safe notification to users and customers as well as safeguarding the rights of third parties.

To maintain a coordinated and collaborative approach and to support ethical and responsible vulnerability reporting practices, we will not pursue legal action if we conclude that any disclosures are and remain in line with the guidelines at 1. below. We would encourage anyone with an interest in researching and reporting security issues to follow our simple guidelines for responsible reporting.

1. guidelines for ethical and responsible reporting

2. unacceptable practices

We do not condone security research that involves the following:

 3. reporting security vulnerabilities

Please report any security concerns to [email protected] with an email address that we can contact you on should we need to. In some cases we may ask to meet with you for a chat.

We take security very seriously and will respond as quickly as we can to any security issues identified. Please understand that some of our software is very complex and may take a little time to update. We will respect a finder’s work if the guidelines at 1. are adhered to and we will do our best to acknowledge your disclosures and assign the necessary resources to investigate and fix potential problems as quickly as we can.

We will not take legal action against people that identify security vulnerabilities if the ethical, private reporting practices outlined in 1. above are followed and adhered to, so please don’t be afraid to get in touch.

latest news

discover more news

latest resources

discover more resources