INTRODUCTION
EnviroData Solutions, Inc. (EDS) is committed to maintaining the security and integrity of our systems, applications, and data. We value the contributions of security researchers and members of the community who help us identify potential vulnerabilities. This Vulnerability Disclosure Program outlines how to report issues and what you can expect from us.
SCOPE
This program applies to any digital assets owned, operated, or maintained by EDS, unless explicitly excluded. We ask that all testing be conducted ethically, safely, and within legal boundaries.
REPORTING A VULNERABILITY
If you believe you have discovered a potential security vulnerability, please report it to us as soon as possible.
Email: security@ecesis.net
When reporting, please include:
- A detailed description of the issue
- Steps to reproduce the vulnerability
- Any relevant screenshots, logs, or proof‑of‑concept code
- Your contact information for follow‑up
EXPECTATIONS OF RESEARCHERS
When participating in our disclosure program, researchers must:
- Act in good faith to avoid privacy violations or service disruptions
- Refrain from accessing, modifying, or deleting data
- Not share vulnerability details publicly until EDS confirms remediation
- Avoid any activity that could be harmful or unsafe to systems or users
WHAT YOU CAN EXPECT FROM EDS
Upon receiving a vulnerability report, EDS will:
- Acknowledge receipt of your report in a timely manner
- Review and validate reported issues
- Provide updates throughout the investigation process when appropriate
- Notify you when the issue has been resolved
REWARDS AND RECOGNITION
EDS does not generally provide monetary rewards for vulnerability reports. However, we may offer non‑financial acknowledgments at our discretion as a gesture of appreciation for responsible disclosures.
SAFE HARBOR
If you follow this policy in good faith, EDS commits to:
- Not pursue legal action related to your research
- Consider your actions authorized for the purpose of vulnerability discovery
PROGRAM CHANGES
EDS may update this Vulnerability Disclosure Program at any time. Significant changes will be communicated through our official channels.
THANK YOU
Thank you for helping keep EDS systems and users secure.
