Considerations
- We only concern on the issue that will impact our customers’ installation of IGX SCADA system, any issue related to our commercial websites is not included in this program.
- You must download & setup your own testing environment, do not attempt to access any real time or demo system that wasn’t setup by you.
- You must provide a complete step to reproduce the bug or describe the PoC.
- For security vulnerability issue, ensure it must be a closed disclosure, any zero day or third party disclosure is not qualified.
- Major consideration is any vulnerability that affecting the integrity of data linked to external devices, particularly tag data. DoS attack is not in consideration.
- We do not consider any issue affecting use of beta, release candidate, out-of-date IntegraXor server/editor, browsers and plugins. On the other hand, we *also* do not accept any issue that already fixed in beta/release candidate, although very likely those issues would have reported earlier.
- Only the first reporter for same issue will be considered. We will publish the first reported date in our Release Note orVulnerability Report or in our website where we find appropriate that accessible by public, when the issue is being fixed later.
- Please contact support to obtain our email address to send in your report.
IntegraXor HMI/SCADA Bug Bounty Program | SCADA Bug Bounty Programm
No comments:
Post a Comment