At Move Up Faster, we take the protection of our customers’ data very seriously.
Move Up Faster acknowledges the valuable role user feedback provides in developing our services and security posture, and we encourage responsible reporting of any vulnerabilities that may be found the websites we create or any of the other Services provided.
We ask that you do not share or publicize an unresolved vulnerability with third parties. If you responsibly submit a vulnerability report, we will use reasonable efforts to respond in a timely manner, acknowledging receipt of your vulnerability report, and investigate the reported vulnerability. We may send an automated response as acknowledgement and if you provided us with contact information, we may contact you if additional information is needed to assist with the investigation. For the security of our customers, we generally will not disclose, discuss, or confirm security issues.
Reporting a potential security vulnerability:
Privately share details of the suspected vulnerability with Move Up Faster by sending an email to [email protected]
Provide full details of the suspected vulnerability so we may validate and reproduce the issue, including:
A detailed description of the vulnerability
The full URL
A Proof of Concept (POC) or instructions (e.g. screen shots, video, etc.) on how to reproduce the vulnerability or steps taken
Entry fields, filters, or other objects involved
Risk or exportability assessment
Instructions for how to reach you with follow up questions
Offering a solution is encouraged but not required. Lack of detailed vulnerability explanation may result in delays in our response and subsequent potential actions on the finding.
Move Up Faster does not permit the following types of security research:
While we encourage you to discover and report to us any vulnerabilities you find in a responsible manner, the following conduct is expressly prohibited:
Active vulnerability scanning or testing and performing actions that may negatively affect Move Up Faster or its users (such as spam, brute force, denial of service, and similar actions)
Hack, penetrate, or otherwise attempt to gain unauthorized access to Move Up Faster software, servers, or systems
Accessing, or attempting to access, data or information that does not belong to you
Destroying or corrupting, or attempting to destroy or corrupt, data or information that does not belong to you
Conducting any kind of physical or electronic attack on Move Up Faster personnel, property or data centers
Social engineering any Move Up Faster service desk, employee or contractor
Conducting vulnerability testing of participating services using anything other than test accounts
Violating any laws or breaching any agreements in order to discover vulnerabilities