Responsible disclosure 

At CubaDriver.com, the security of our systems is a top priority. Despite our best efforts, there may still be vulnerabilities present.

If you discover a vulnerability, we request that you notify us immediately so we can address it as quickly as possible. Your assistance in helping us protect our clients and our systems is greatly appreciated.

To report a vulnerability, please follow these guidelines:

• Submit your report via an encrypted email, to security@cubadriver.com,
• Do not exploit the vulnerability for personal gain or harm.
• Do not share the details of the vulnerability until it has been resolved.
• Do not use physical attacks, social engineering, distributed denial of service, spam, or third-party applications.
• Provide sufficient information to reproduce the problem. Typically, the IP address or URL of the affected system and a vulnerability description will suffice. However, complex vulnerabilities may require additional explanation.

Our commitment to you:

• We will respond to your report within 10 business days with an evaluation and expected resolution date.
• If you follow the guidelines above, we will not take legal action against you.
• We will maintain strict confidentiality and will not disclose your personal information to third parties without your consent.
• We will keep you updated on the status of the issue.
• In the public information about the problem, we will credit you as the discoverer of the vulnerability (unless you prefer otherwise).
• We strive to resolve all issues as quickly as possible, and we would like to participate in the eventual disclosure of the vulnerability.

Please note that we do not currently offer monetary rewards for reporting security vulnerabilities.

This text is written by Floor Terra and is published under a Creative Commons Attribution 3.0 Unported license.