Vulnerability Disclosure
At SECIAN, we are committed to ensuring the security and privacy of our systems and services. However, we acknowledge that no system is flawless. If you discover a vulnerability in any of our platforms, we encourage responsible disclosure. By reporting potential security flaws, you help us maintain the highest level of security for our customers and the wider community.
Scope
This policy applies to any vulnerabilities in SECIAN's services or systems, including but not limited to:
- Web applications
- Internal systems that process client data
- Services provided by third-party vendors on our behalf
- API endpoints
How to Report a Vulnerability
If you have identified a vulnerability, please follow these steps:
- Email us at contact@secian.com with a detailed description of the issue.
- Provide steps to reproduce the vulnerability.
- Include any proof of concept to help us better understand the potential impact.
- Avoid sharing sensitive data that you may encounter during testing unless absolutely necessary for understanding the issue.
What to Expect
Once you submit your report:
- Acknowledgment: We will confirm receipt of your report within 72 hours.
- Investigation: Our team will assess the severity and validity of the vulnerability.
- Mitigation Plan: If the vulnerability is valid, we will develop a plan to address it. You may be contacted for further information if needed.
- Public Notification: We may issue a public statement to notify our users, but only after the issue has been mitigated.
Guidelines
To ensure that your discovery is handled appropriately, please adhere to the following:
- Do not perform tests that could impact system availability (such as DDoS or brute force attacks).
- Do not access, delete, or modify any data other than your own.
- Avoid exploiting the vulnerability beyond the purpose of proving its existence.
- Respect our customers' privacy and avoid accessing any customer information.
Recognition
SECIAN highly values the efforts of security researchers and is committed to recognizing contributions. If your discovery results in a significant improvement to our security, we may offer recognition and, where appropriate, a reward for your findings.
Legal Safe Harbor
We promise not to initiate legal action against researchers who comply with this vulnerability disclosure policy. We consider your research to be conducted in good faith if you adhere to the guidelines outlined above.
We appreciate your efforts to keep our systems secure and look forward to your responsible reports! Thank you for helping Hellcat Security maintain the integrity of our services.
Contact Information
If you have any questions about this vulnerability disclosure policy, please contact us by email at contact@secian.com.
This policy is effective as of 09/09/2024.