Responsible disclosure statement
At House of HR, we consider the safety and continuity of our online services as one of our top priorities. Our specialists are continually working to optimise our systems and processes, yet despite all the effort we put in to securing our systems, vulnerabilities may still be present.
We investigate all reports of security vulnerabilities affecting our web presence. If you are a security researcher and you believe you have found a security vulnerability, please help us by reporting it so that we can work together to improve the safety and reliability of our systems.
You can report vulnerabilities by joining the Intigriti bug bounty program and registering as a researcher:
https://www.intigriti.com
Intigriti is a crowdsourced security platform where security researchers and companies meet. As an ethical hacking and bug bounty platform, Intigriti aims to identify and tackle vulnerabilities in a cost efficient way. The platform facilitates online security testing through collaborating with experienced researchers.
CAN I BE REWARDED FOR MY REPORT?
As an Intigriti researcher, you can earn good money. If you are willing to go public with your responsible hacking activities, you can receive financial rewards. Intigriti pays out rewards for every bug you manage to find and submit as the first researcher. Please be aware, Intigriti does not accept registrations from anonymous researchers.
OUR VULNERABILITY REPORTING COMMITMENT
You can expect the following commitments from us:
- We will let you know that we received your report.
- We will forward your report internally immediately.
- We will tell you when we have fixed the vulnerability.
YOUR PRIVACY
Your personal information will only be used to approach you regarding your vulnerability report. We will not distribute your personal information to third parties without your permission. Should the law require us to provide your personal information to an authority we will ensure that the applicable authority treats your personal information confidentially. We will remain responsible for your personal information.
Thank you for your support.
Information Security Team - House of HR
Last update: March 2023