Legal General Terms & Conditions Terms of Use API Terms Refund Policy Subscriber Terms Modern Slavery Statement Privacy Cookie Notice Data Processing Addendum GDPR Privacy Statement Subprocessors Security Data Security Standards Responsible Disclosure Policy

Responsible disclosure policy

Last updated: January 4, 2024

At Simbase, we are committed to maintaining the security of our systems and our customers' data. We provide global IoT connectivity services and understand the critical importance of safeguarding our in-house developed platform, which our customers rely on to manage their devices.

Our Commitment

We continuously monitor and improve our security measures to ensure the integrity and reliability of our services. If you believe you’ve found a security vulnerability within our platform, we encourage you to inform us discreetly, and we promise to investigate all legitimate reports promptly and thoroughly.

How to Report a Security Vulnerability

If you have discovered a potential security issue, please share it with us by following these steps:

1. Send your findings to security@simbase.com.

2. Include sufficient information to reproduce the problem, so we will be able to resolve it as swiftly as possible. Complex vulnerabilities may require further explanation than less complex ones.

3. Disclose the vulnerability to us confidentially, and do not share it with others until we have had a chance to address it.

Our Promise

- We will acknowledge receipt of your vulnerability report within 32 hours.

- We will communicate with you to understand the scope of the vulnerability and will work with you to validate and resolve the issue.

- We will handle your report with strict confidentiality, and we will not share your personal details with third parties without your permission.

- We will keep you informed of our progress during the investigation and resolution stages.

- We aim to resolve any verified vulnerabilities within a reasonable time frame and will release an update as soon as possible.

Out of Scope

Please note that the following issues are considered out of scope for our responsible disclosure policy:

- Findings from automated tools or scans.

- Third-party applications, services, or devices that interact with our platform.

- Denial of Service (DoS or DDoS) vulnerabilities.

Legal

We kindly ask that you refrain from any activity that could harm Simbase or our customers, including but not limited to privacy violations, data destruction, and interruption or degradation of our services. If your security research adheres to this policy, we consider it to be authorized in the context of applicable legal statutes and will not initiate legal action against you.

Simbase is dedicated to working with the security community to find and fix security issues within our services. Together, we can keep our shared digital ecosystem safe and secure.

Responsible disclosure policy

Our Commitment

How to Report a Security Vulnerability

Our Promise

Out of Scope

Legal

Products

Pricing

Resources

Support

About