What is a Security Vulnerability?
A security vulnerability is a flaw or weakness in our product's design, implementation, operation, or management that could be exploited to violate the safety and security of our systems and customer data. Vulnerabilities can potentially allow attackers to gain unauthorised access, expose sensitive data, or disrupt service operations. Identifying and addressing these vulnerabilities is critical to safeguarding the integrity, availability, and confidentiality of our systems and data.
How to Report a Security Vulnerability
We take the security of our systems and data very seriously and value the security community's role in helping us maintain a high standard of security for our users and customers. If you believe you have discovered a security vulnerability in one of our products or platforms, please help us by reporting it to us in a responsible manner.
Please send your security vulnerability reports to security-reports@driva.com.au. To help us assess the nature and scope of the vulnerability, please include as much of the following information as possible:
- Description of the Vulnerability: Provide a clear and concise description of what you believe is a vulnerability.
- Steps to Reproduce: If possible, provide a step-by-step guide to reproduce the vulnerability. This can help us better understand the nature of the vulnerability and expedite its resolution.
- Potential Impact: Describe what you believe could be the potential impact of the vulnerability if it were to be exploited.
- Any Other Relevant Information: If applicable, include any other information that might be relevant to the vulnerability or its potential mitigation.
Our Commitment
Upon receiving your report, our security team will promptly investigate the issue and, if verified, take the appropriate steps to address the vulnerability as quickly as possible. We are committed to working with the security community to verify and respond to security vulnerabilities responsibly and efficiently.
Please note, we ask that you do not disclose the vulnerability to others until we have had a chance to investigate and address the reported issue.
We appreciate your assistance in helping us maintain the security and privacy of our systems and users. Your efforts to responsibly report security vulnerabilities are greatly valued and play a vital role in our ongoing efforts to improve our security posture.