At SaaS Labs US, Inc. (hereinafter, “SaaS Labs”), ensuring the safety and security of our customer's data and the reliability of our products are of utmost importance to us. Therefore, we strive to design and create products with the highest levels of security and reliability. Despite our best efforts, our products and services may still contain vulnerabilities and errors due to their highly complex and sophisticated nature.
This policy outlines SaaS Lab's methods for identifying and addressing potential vulnerabilities and errors in its products. It encourages external parties to report any issues they may encounter while using our products so that we can promptly investigate and resolve them. SaaS Lab encourages customers, users, researchers, partners, and anyone else who interacts with SaaS Labs' products to report any identified vulnerabilities or errors with such products.
The preferred method of contacting SaaS Labs regarding vulnerabilities and errors is sending your report to security@saaslabs.co. Please include the following details with your report:
Your name/handle and a link for recognition in our Hall of Fame.
Please be assured that providing your name and contact information with your report is entirely optional and at your discretion. SaaS Labs values all reports that are submitted, whether anonymously or with name and contact information. Rest assured that SaaS Labs is committed to respecting your privacy. In the event that you do choose to submit your name and contact information, SaaS Labs will only use such information to reach out to you if any clarification on the details of your report is necessary and to include your name in the Hall of Fame.
SaaS Labs will endeavor to acknowledge the receipt of your report within three (3) working days of submission. You will be kept informed of our progress and completion of any remediation actions pursuant to your report. SaaS Labs will also work with you to understand and resolve the vulnerability quickly.
By submitting a report, you acknowledge and agree to the following terms: SaaS Labs reserves the right to use your report for any relevant purpose, including but not limited to correcting any vulnerabilities and errors that are reported and deemed necessary by SaaS Labs. If you propose any changes or improvements to a SaaS Labs product or service in your report, you are assigning all ownership and usage rights of those proposals to SaaS Labs.
Any services hosted by third-party providers and services are excluded from the scope.
In the interest of the safety of SaaS Labs's users, staff, the Internet at large, and you as a security researcher, the following test types are excluded:
If you have any clarifications to make, contact us at security@saaslabs.co
You will not:
You will:
If you follow SaaS Labs Responsible Disclosure Policy when reporting an issue, then SaaS Labs will:
SaaS Labs reserves the right to modify or amend any terms of this Policy at any time without any notice.
At SaaS Labs, we use our Hall of Fame program to recognize people who have responsibly shared one or more security vulnerabilities in our products, enabling us to serve our customers better. Please refer to the Security Hall of Fame for details. Decision to include you in the Hall of Fame is at the sole discretion of SaaS Labs.