Vulnerability Disclosure Policy (VDP)

RansNet Singapore Pte Ltd

As a networking and security solutions provider, RansNet commits to ensuring customer security and privacy. The organization welcomes vulnerability reports from partners, users, developers, and ethical hackers to strengthen protections.

Note: This policy does not authorize actions that violate applicable laws and regulations.

Reporting Security Issues

Researchers who discover potential vulnerabilities in RansNet products should:

  • Notify support@ransnet.com promptly upon discovery
  • Avoid privacy violations, service degradation, system disruption, or data destruction
  • Use exploits minimally to confirm vulnerabilities; avoid data exfiltration or lateral movement
  • Allow reasonable time for resolution before public disclosure
  • Immediately cease testing and report to RansNet upon discovering actual vulnerabilities or sensitive data

Recommended report elements:

  • Vulnerability location and exploitation impact
  • Detailed reproduction steps with proof-of-concept materials

Our Responses

RansNet’s response process includes:

  • Incident ticket creation and acknowledgment within 4 hours of email receipt
  • Helpdesk assessment forwarding to research and development teams
  • Vulnerability verification and patch/update release; interim mitigations if needed
  • Daily updates until resolution
  • Public announcement to affected customers with mitigations
  • Inclusion in future releases with version information

RansNet expresses appreciation for contributors helping improve product security and customer protection.