Our commitment to responsible disclosure and security excellence as a Cybersecurity Tech Accord signatory.
Professional Options recognises there are rare occasions where unintended vulnerability might occur due to a variety of issues or circumstances, including new or untested exploits developed after the release of a product.
We endeavour to develop, recommend, or release products that meet the highest standards of excellence and security. Thus, we are committed to thoroughly investigating and ameliorating vulnerability reports in a timely manner.
Likewise, we at Professional Options keep abreast of and comply with guidelines of responsible disclosure to ensure our clients address potential or existing vulnerabilities in order to mitigate associated risks.
We follow established responsible disclosure practices. When a vulnerability is reported to us, we commit to acknowledging receipt promptly, investigating the report thoroughly and in good faith, communicating our findings and timeline to the reporter, and resolving confirmed vulnerabilities before public disclosure.
We ask that those reporting vulnerabilities allow us reasonable time to investigate and address the issue before any public disclosure, and that they avoid accessing, modifying, or deleting data beyond what is necessary to demonstrate the vulnerability.
As part of our consulting practice, Professional Options advises clients on technology security posture, vulnerability management, and responsible disclosure frameworks. Our Cybersecurity Tech Accord membership informs this advisory work and reflects our commitment to a safer digital ecosystem for all.
Clients with security concerns related to engagements with Professional Options are encouraged to contact us directly and promptly.