• +1 877-224-5445
  • sales@haivision.com
EN
ES FR DE PR
Contact
Home / Legal / Coordinated Vulnerability Disclosure Policy

Coordinated Vulnerability Disclosure Policy

Latest Update: April 2, 2026

Print This Page

Purpose

The purpose of this Policy is to provide a safe and respectful process for security researchers and members of the public to report security vulnerabilities related to Haivision’s systems, products, and services. This program supports our commitment to protecting user data and maintaining strong security posture.

Scope

This program applies to:

  • All Haivision-owned websites, applications, products, and infrastructure.
  • Security vulnerabilities that could affect the confidentiality, integrity, or availability of our systems or data.

Our Commitment

Haivision commits to:

  • Acknowledging reports within 5 business days.
  • Providing progress updates and a final resolution timeline.
  • Not pursuing legal action against good-faith researchers who follow this Policy.
  • Listing contributors publicly (optional), if permission is granted

How To Report a Vulnerability

To report a vulnerability, email us at: secops@haivision.com
Please include:

  • A detailed description of the issue.
  • Steps to reproduce vulnerability.
  • Any relevant evidence (e.g., screenshots, logs, proof-of-concept).

Rules of Engagement

Researchers must:

  • Act in good faith and avoid violating privacy, disrupting systems, or accessing unauthorized data.
  • Not exploit or disclose the vulnerability before it is resolved.
  • Avoid actions that could result in data loss, service degradation, or harm to users.
  • Give us a reasonable amount of time to resolve the issue (typically 90 days before public disclosure).

Out of Scope Vulnerabilities

Haivision will not accept reports for:

  • Social engineering attacks.
  • Physical security findings.
  • Issues in third-party platforms or services not controlled by Haivision.
  • Clickjacking on pages with no sensitive actions.

Legal Safe Harbour

If someone makes a good-faith effort to comply with this policy during their security research, Haivision will consider such research activities to be authorized and will not pursue legal action. Individuals are requested to contact us in advance before engaging in any activity that may fall outside the scope of this policy.

Contact

For any questions about this program, please contact: secops@haivision.com