Coordinated Vulnerability Disclosure Policy Information

Cambridge Computer Systems Limited takes security issues extremely seriously and welcomes feedback from security researchers in order to improve the security of its products and services. We operate a policy of coordinated disclosure for dealing with reports of security vulnerabilities and other issues. To privately report a suspected security issue to us, please send an email to security@ccsys.uk), giving as much detail as you can including a proof of concept and perceived risks. We will respond to you as soon as possible. If the suspected security issue is confirmed, we will then come back to you with an estimate of how long the issue will take to fix. Once the fix is deployed, we will notify you and recognise your efforts on this page.

We ask the following:
What we promise:

We prefer secure communication, but not to the extent that no communications are possible. We use PGP/GPG and our key is available to download here

We give thanks to the following people who have helped make our products and services more secure by making a coordinated disclosure with us: