Vulnerability Disclosure Policy
Coats Group takes security issues very seriously and recognise the importance of privacy, security and community outreach.
As such, we are committed to addressing and reporting security issues through a coordinated and constructive approach designed to drive the greatest protection for technology users. Whether you are a user of Coats solutions, a software developer or a security enthusiast, you’re an important part of this process.
This vulnerability disclosure policy applies to any vulnerabilities you are considering reporting to us. We recommend reading this vulnerability disclosure policy fully before you report a vulnerability and always acting in compliance with it.
We value those who take the time and effort to report security vulnerabilities according to this policy. However, we do not offer monetary rewards for vulnerability disclosure.
Reporting
If you believe you have found a security vulnerability, please submit your report to us using the following link/email:
vulnerability.disclosure@coats.comIn your report please include details of:
- The website, IP, page or system where the vulnerability can be disclosed.
- A brief description of the type of vulnerability. For example: “XSS vulnerability”.
- Steps to reproduce the vulnerability. These should be a benign, non-destructive, proof of concept. This helps to ensure that the report can be triaged quickly and accurately. It also reduces the likelihood of duplicate reports, or malicious exploitation of some vulnerabilities, such as sub-domain takeovers.
For further details, please see our Vulnerability Disclosure Policy.