If you believe you've identified a potential security vulnerability on any IdeaSynthesis application or website or with one of the services we use, please report it to us right away. We will evaluate all legitimate reports as soon as possible and try to fix any problems quickly.

More Information

Please send any reports to info@ideasynthesis.com: we will get back to you as soon as possible. We would be grateful if you:

• Notify IdeaSynthesis and provide all details of the vulnerability before making any information public.
• Provide us a reasonable amount of time to address the issue before publication.
• Provide all details of the vulnerability to support validation and reproduction of the issue.
• Work with us to avoid data destruction, theft, privacy violations or service interruptions.

Exclusions

While researching, we'd respectfully ask that you don't:

• Perform denial of service attacks
• Spam our service and endpoints
• Perform any social engineering or phishing of our staff or contractors
• Perform any physical attempts

In addition, our security policy considers the following to be out of scope:

• DMARC configuration