EnviroData Solutions, Inc. (EDS) is committed to maintaining the security and integrity of our systems, applications, and data. We value the contributions of security researchers and members of the community who help us identify potential vulnerabilities. This Vulnerability Disclosure Program outlines how to report issues and what you can expect from us.
This program applies to any digital assets owned, operated, or maintained by EDS, unless explicitly excluded. We ask that all testing be conducted ethically, safely, and within legal boundaries.
If you believe you have discovered a potential security vulnerability, please report it to us as soon as possible.
Send vulnerability reports to:
security@ecesis.netWhen reporting, please include:
- A detailed description of the issue
- Steps to reproduce the vulnerability
- Any relevant screenshots, logs, or proof-of-concept code
- The affected URL, endpoint, or component if known
- Your contact information for follow-up
When participating in our disclosure program, researchers must:
- Act in good faith to avoid privacy violations or service disruptions
- Refrain from accessing, modifying, or deleting data that does not belong to them
- Not share vulnerability details publicly until EDS confirms remediation
- Avoid any activity that could be harmful or unsafe to systems or users
- Not use automated scanning tools that generate significant traffic or could impact service availability
Upon receiving a vulnerability report, EDS will:
- Acknowledge receipt of your report in a timely manner
- Review and validate reported issues
- Provide updates throughout the investigation process when appropriate
- Notify you when the issue has been resolved
- Work with you in good faith to understand and address the reported issue
EDS does not generally provide monetary rewards for vulnerability reports. However, we may offer non-financial acknowledgments at our discretion as a gesture of appreciation for responsible disclosures.
If you follow this policy in good faith, EDS commits to:
- Not pursue legal action related to your research
- Consider your actions authorized for the purpose of vulnerability discovery
- Work collaboratively with you to resolve the identified issue
EDS may update this Vulnerability Disclosure Program at any time. Significant changes will be communicated through our official channels.
Thank you for helping keep EDS systems and users secure. Your contributions to security research make our products safer for everyone.
