Responsible Disclosure Policy
As innovation is a core value here at ICT, we’re always looking for how we can improve our solutions and continue to create effective products for you and your customers.
That’s why we welcome feedback from the security community about any potential vulnerabilities that you may come across. By working together, we can ensure that your customers people and places are as secure as possible.
Please report any vulnerabilities found to ICT in the first instance. We ask that you please keep all details confidential throughout the process, allowing us to respond and correct the issue.
Our process
If a vulnerability is found:
- Please submit your findings with as much detail as possible using the form below.
- You will immediately receive an email receipt of your submitted form and a member of our team will contact you within 7 business days. They will be your main point of contact.
- Within 30 days of your submission, your main point of contact will be in touch to give you a report on our findings of your submitted vulnerability and to outline the plan moving forward.
- From here, we will be in regular contact to provide progress updates.
Once the vulnerability has been fixed:
- We will communicate the vulnerability and solution to all impacted customers.
- If you’d like, we will acknowledge your help in reporting and solving this vulnerability on our website and link to your preferred channel or website.