Snapdocs does its utmost to deliver secure and resilient products and services. Should you identify a vulnerability in one of our products, rest assured that Snapdocs will address it quickly and efficiently.
To help facilitate the reporting process and to ensure integrity of our platform and other related products, please follow the below guidelines.
Snapdocs does not allow penetration testing of its Snapdocs managed cloud products without prior authorization. If you are a Customer, please contact your Account Representative for details. If you do encounter a vulnerability in one of our products, we encourage you to report it in a responsible and secure fashion by emailing us:
Email: Security@snapdocs.com (For privacy and security purposes, please use PGP key available here)
So that we may more effectively respond to your report, please provide:
- Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
- Product that contains the bug (Lender Application, Settlement Application, etc.)
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if any)
- Impact of the issue, including how an attacker could exploit the issue
For any Amazon Web Services (AWS) vulnerabilities, please report them to AWS by visiting their Vulnerability Reporting site.