RealDefense’s Vulnerability Response Guide

RealDefense is committed to resolving security vulnerabilities in our product quickly and carefully. We take all necessary steps to minimize customer risk, provide timely information, and deliver vulnerability fixes and remediation to vulnerabilities identified in our software.

Process

RealDefense’s PSIRT team receives, investigates, and publicly reports security vulnerabilities information that is related to RealDefense Products.

Disclosure Policy

Public disclosures by PSIRT are done in a responsible manner, to not put our customers and partners at risk of exploitation. To this extent, RealDefense will not announce a vulnerability publicly without an actionable workaround, KB article, hotfix or a version update.

Report Submission

To report a finding, please send a detailed email to psirt@iolo.com. The email should contain-

• Product name and version
• Date the vulnerability was observed
• Description of the vulnerability
• Instructions to duplicate the vulnerability (this can be written steps, a video or a set of screen captures)
• Your name and company (if applicable)
• Your preferred contact information (email, phone, etc.)

Finders Credit

We work closely with researchers who communicate vulnerabilities to us, and we give credit to finders who follow responsible disclosure and does not disclose the vulnerability publicly before RealDefense follows our responsible disclosure.