ARI Vulnerability Disclosure Policy

Advanced Recruiting Intelligence Inc.
Updated: Feb 6, 2021

Promise

Advanced Recruiting Intelligence (ARI) is committed to maintaining the security and privacy of our products and being responsive to reported security concerns. Therefore, ARI welcomes the input of researchers that help us improve our security and privacy. If you believe you have found a security or privacy vulnerability that could impact ARI or our users, we ask that you report it to us as soon as possible. We will investigate and fix any legitimate issues as soon as we can. We ask that you follow this Vulnerability Disclosure Policy and make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service during your research.


Scope

Any product that ARI develops are in scope, this includes our ARI employees. Any third-party products that ARI uses to conduct our business is out of scope.


Safe Harbor

ARI believes in, and supports research performed, and will not initiate legal action as long such research is in good faith and adheres to this policy.


Process

All vulnerabilities should be sent to support@arirecruiting.com. What we ask of you is that the email:

  • is well-written in English.
  • clearly specifies vulnerability in the subject line
  • details specifically the vulnerability found.
  • specifies how you found the vulnerability
  • notifies of any plans for public disclosure.

Our commitment to you is that we will:

  • review and acknowledge your submission within three (3) business days.
  • be open to a dialog concerning the finding.
  • notify as we review the vulnerability for remediation.
Footer Logo
ARI – Advanced Recruiting Intelligence, Inc.
PO Box 27453
Seattle, WA 98165