ALPHA DRIVE | Security
21994
page-template-default,page,page-id-21994,page-child,parent-pageid-21809,ajax_fade,page_not_loaded,,select-theme-ver-3.5.2,wpb-js-composer js-comp-ver-5.0.1,vc_responsive
ALPHA DRIVE / About / Security

Security

Responsible Disclosure Policy

The information on this page is intended for security researchers interested in reporting security vulnerabilities to the Alpha Drive security team.

If you are a customer seeking support related to your account, billing, or site content, please reach out to our customer support at support@alphadrive.ai.

If you believe you have discovered a security vulnerability on Alpha Drive, we strongly encourage you to inform us as quickly as possible and to not disclose the vulnerability publicly until it is fixed. We appreciate your assistance, and we review all reports and will do our best to address the issue in a timely fashion. To encourage responsible disclosure, Alpha Drive will not bring a lawsuit against you or ask law enforcement to investigate you if we determine that a disclosure meets the following guidelines.

Responsible Disclosure Guidelines

  • Notify Alpha Drive and provide us details of the vulnerability. Please provide us a reasonable time period (at least 90 days) to address the issue before public disclosure.
  • Provide an appropriate level of detail on the vulnerability to allow us to identify and reproduce the issue. Detail should include target URLs, request/response pairs, screenshots, and/or other information.
  • We will confirm your email and evaluate the validity and reproducibility of the issue. For valid issues, we will work to fix the issue and keep you appraised of progress.
  • Make a reasonable effort to avoid service disruption (e.g. DoS), privacy issues (i.e. accessing a Alpha Drive customer’s data), and data destruction when performing vulnerability research.
  • Do not request compensation for security vulnerability reports either from Alpha Drive or external vulnerability marketplaces.
  • Do not phish or social engineer employees or customers of Alpha Drive.
  • Do not run automated scanning tools and send us the output without confirming the issue is present. Security tools often output false positives that should be confirmed by the reporter.

How to Report a Security Vulnerability

Security vulnerabilities may be reported via email to security-report@alphadrive.ai. If you do not want to be publicly thanked on, please let us know that you want your submission to be confidential in your report email. We are also happy to accept anonymous vulnerability reports.

The validity of a vulnerability will be judged at the sole discretion of Alpha Drive.

Contacting Us

Questions regarding this Security Policy should be directed to support@alphadrive.ai