Security Disclosure Policy
How we handle vulnerability disclosures and coordinate with security researchers
Disclosure Timeline
Initial Response
Within 24 hours: Acknowledge receipt of vulnerability report
Within 72 hours: Provide initial assessment and timeline
Within 1 week: Detailed analysis and remediation plan
Remediation Timeline
Critical vulnerabilities: 7-14 days
High severity: 14-30 days
Medium severity: 30-90 days
Low severity: 90+ days
Disclosure Process
Coordinated Disclosure
- • Work with researchers on timeline
- • Provide regular status updates
- • Coordinate public disclosure
- • Credit researchers appropriately
- • Ensure fixes are deployed
Public Disclosure
- • Security advisory publication
- • CVE assignment (if applicable)
- • Customer notification
- • Researcher acknowledgement
- • Lessons learned documentation
Communication Channels
For Researchers
security@packetblock.com
https://packetblock.com/security
24-hour response time
For Customers
hello@packetblock.com
Security advisories
Immediate notification
What We Provide
Status Updates
- • Regular progress reports
- • Timeline adjustments
- • Technical details
- • Fix deployment status
Recognition
- • Public acknowledgement
- • Professional references
- • Bug bounty rewards
Documentation
- • Security advisories
- • Technical details
- • Remediation guidance
- • Lessons learned