Security at
MediTechSafe
MediTechSafe, Inc. is committed to the security of its platform and takes all vulnerability reports seriously. This page covers how to report a vulnerability, what to expect from us, and how we handle and disclose security issues.
Report a Vulnerability
If you have identified a security vulnerability in any MediTechSafe product or service, please email us at security@meditechsafe.com with the following information:
-
A description of the vulnerability
-
The affected product, feature, or component
-
Steps to reproduce the issue
-
The potential impact as you understand it
-
Any other supporting evidence such as screenshots or proof-of-concept code
You do not need a fully developed exploit to submit a report. Partial findings are welcome.
Anonymous reports are accepted. You are not required to identify yourself. If you choose to remain anonymous, we will still investigate and resolve the issue but will be unable to credit you in our advisory.
What Happens After You Report
Once our security team has reviewed your submission you will receive an acknowledgment. Out of scope reports will be notified as such.
Issues that are considered out of scope for this submission (including but not limited to):
-
Reports from automated tools or scans
-
Reports of insecure SSL / TLS ciphers
-
Social engineering of MediTechSafe, Inc. employees or contractors
-
Facility security gaps
-
Denial of Service attacks
-
Phishing attacks
We do not operate a paid bug bounty program. Acknowledgment and credit are the recognition we offer for valid findings.
Contact
For any security related information, email us at security@meditechsafe.com.