developer_guide

Responsible Disclosure Programme Guidelines

Introduction

InMobi and Glance takes the security of our systems and its data very seriously. We are continuously striving to maintain and ensure that our environment is safe and secure for everyone to use. If you’ve discovered any security vulnerabilities associated with our applications, we do appreciate your help in disclosing it to us in a responsible manner.

Rules

• Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction of data during security testing.


• Do not engage in any activity that can potentially or actually cause harm to InMobi/Glance, our customers, or our employees.


• Do not initiate any fraudulent financial transactions.


• Do not store, share, compromise or destroy InMobi/Glance or customer data. If Personally Identifiable Information (PII) is encountered, you should immediately halt your activity, purge related data from your system, immediately log in to the portal and submit a bug report using the 'submit a report' option on the left panel. This step protects any potentially vulnerable data, and you.


• Do not engage in any activity that violates (a) Federal or state laws or regulations or (b) the laws or regulations of any country where (i) data, assets or systems reside, (ii) data traffic is routed or (iii) the researcher is conducting research activity.


• Perform research only within the scope set out in the in-scope tab.
• Report submited through email will be considered invalid.
• Log in to the portal and submit a bug report using the 'submit a report' option on the left panel.
• Keep information about any vulnerability you have discovered confidential between yourself and InMobi/Glance. You cannot disclose it publicly until the vulnerability is fixed.

Recognition – Hall of Fame Page

• By continuously helping InMobi/Glance in keeping our data secure, once the security vulnerability is verified and fixed as a result of report, we would like to put your name on our Hall of Fame page.

Note: We currently do not offer any monetary compensation.

Public Disclosure Policy

By default, this program is in “PUBLIC NONDISCLOSURE” mode which means:

"THIS PROGRAM DOES NOT ALLOW PUBLIC DISCLOSURE. ONE SHOULD NOT RELEASE THE INFORMATION ABOUT VULNERABILITIES FOUND IN THIS PROGRAM TO PUBLIC, FAILING WHICH SHALL BE LIABLE FOR LEGAL PENALTIES!”

IMPORTANT: Report submited through email will be considered invalid.

© 2024 InMobi