Vulnerability Disclosure Policy

For communicating security reports or issues, please contact infosec@wcbradley.com by email.

 

Our reporting targets are:

  • 5 business days from receiving an issue report acknowledging receipt of the issue
  • 10 business days for reporting status of submitted issues until issue closure
     

*Please do not disclose any sensitive personal information when reporting any potential vulnerabilities.

 

Reports pertaining to vulnerabilities must include the following information*:

  • A brief description of the problem and to which vulnerable system the report applies: web, mobile application, or IoT hardware
  • Hardware and software tools used to replicate the event
  • Device model number identification
  • Firmware versions for each device used
  • Date and time of the incident recorded
  • Method for replicating the vulnerability