Astound Security: Responsible Disclosure Policy

Astound believes effective responsible disclosure of security vulnerabilities requires mutual trust, respect, and transparency between Astound and Security Researchers. Together, we promote the continued security and privacy of Astound customers, products, and services.

Astound accepts vulnerability reports from all sources. Astound defines a security vulnerability as an unintended condition that could be exploited to compromise the integrity, availability or confidentiality of our products, services, or confidential information.

• We maintain trust, respect and confidentiality in our exchanges with security researchers. We ask that you do the same by giving Astound the time to investigate your report and mitigate any vulnerability without disclosing the vulnerability publicly.
• We will work with you to validate reported vulnerabilities in accordance with our commitment to security and privacy. We ask that you do the same by providing us with information that will further our understanding and investigation of your report.
• We investigate and remediate issues in a manner consistent with helping to protect the safety and security of those potentially affected by a reported vulnerability. We ask that Vulnerability Reporters refrain from public disclosure of the reports until this process has been completed.

Astound recommends that Vulnerability Reporters share the details of any suspected vulnerabilities using the web form below. The Astound Security team will conduct a thorough investigation, contact you for any clarification or additional data if required, and then take appropriate action for resolution. To encrypt a submission via email, use the public key provided on this page.