Clarus WOTC Logo

Responsible Disclosure Policy

Data security is a top priority for Clarus Solutions. The following outlines our policy for reporting vulnerabilities.

Disclosure Policy

        • If you believe you’ve discovered a potential vulnerability, please let us know immediately by emailing us at [email protected]. We will acknowledge your email promptly and respond with requests for evidence/necessary follow-up as soon as we are able to assess the vulnerability. Should the issue pose what Clarus Solutions deems as a security risk, we may, at that time, provide an estimated timeframe for remediation.
        • Public knowledge of a vulnerability has the potential to invite attacks on our services. Please provide Clarus Solutions a reasonable amount of time to resolve any issue, and refrain from disclosing it to the public or a third party unless working under the direct supervision of Clarus Solutions LLC. 
        • Make good-faith efforts to avoid violating privacy, destroying data, or interrupting/otherwise degrading Clarus Solutions services. Only interact with accounts you own or for which you have explicit permission from the account holder.

Exclusions

Under no circumstances are you to investigate potential vulnerabilities in any way that can potentially compromise the integrity of the system as a whole, unless under the direct supervision of Clarus Solutions. Such investigation methods include, but are not limited to:
        • Distributed Denial of Service (DDoS)
        • Spamming
        • Social engineering or phishing of Clarus Solutions employees or contractors
        • Any attacks against Clarus Solutions’s physical property or data centers

Changes

We may revise these guidelines from time to time. The most current version of the guidelines will be available at www.claruswotc.com/security
Clarus Solutions is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to email us at [email protected]

 

Disciplinary Action

Any party – including employees of Clarus Solutions – who violate this policy, may face legal or disciplinary consequences in proportion to their violation. Any legal or disciplinary action taken will be at the sole discretion of Clarus Solutions.

 

Responsibility

Clarus Solutions LLC is solely responsible for maintaining the security of its systems. All questions, concerns, or vulnerability reports must be directed to Clarus Solutions LLC by emailing [email protected].

Responsible Disclosure Policy

Data security is a top priority for Clarus Solutions. The following outlines our policy for reporting vulnerabilities.

Disclosure Policy

  • If you believe you’ve discovered a potential vulnerability, please let us know immediately by emailing us at [email protected]. We will acknowledge your email promptly and respond with requests for evidence/necessary follow-up as soon as we are able to assess the vulnerability. Should the issue pose what Clarus Solutions deems as a security risk, we may, at that time, provide an estimated timeframe for remediation.
  • Public knowledge of a vulnerability has the potential to invite attacks on our services. Please provide Clarus Solutions a reasonable amount of time to resolve any issue, and refrain from disclosing it to the public or a third party unless working under the direct supervision of Clarus Solutions LLC. 
  • Make good-faith efforts to avoid violating privacy, destroying data, or interrupting/otherwise degrading Clarus Solutions services. Only interact with accounts you own or for which you have explicit permission from the account holder.

Exclusions

Under no circumstances are you to investigate potential vulnerabilities in any way that can potentially compromise the integrity of the system as a whole, unless under the direct supervision of Clarus Solutions. Such investigation methods include, but are not limited to:

        • Distributed Denial of Service (DDoS)
        • Spamming
        • Social engineering or phishing of Clarus Solutions employees or contractors
        • Any attacks against Clarus Solutions’ physical property or data centers

Changes

We may revise these guidelines from time to time. The most current version of the guidelines will be available at www.claruswotc.com/security
Clarus Solutions is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to email us at [email protected]

 

Disciplinary Action

Any party – including employees of Clarus Solutions – who violate this policy, may face legal or disciplinary consequences in proportion to their violation. Any legal or disciplinary action taken will be at the sole discretion of Clarus Solutions.

 

Responsibility

Clarus Solutions LLC is solely responsible for maintaining the security of its systems. All questions, concerns, or vulnerability reports must be directed to Clarus Solutions LLC by emailing [email protected].